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Abstract. The paper describes ergodic (with respect to the Haar measure) func- 
tions in the class of all functions, which are defined on (and take values in) the ring 
Zp of p-adic integers, and which satisfy (at least, locally) Lipschitz condition with 
coefficient 1. Equiprobable (in particular, measure-preserving) functions of this class 
are described also. In some cases (and especially for p = 2) the descriptions are given 
by explicit formulae. Some of the results may be viewed as descriptions of ergodic 
isometric dynamical systems on the p-adic unit disk. The study is motivated by 
the problem of pseudorandom number generation for computer simulation and cryp- 
tography. From this view the paper describes nonlinear congruential pseudorandom 
generators modulo m which produce stricly periodic uniformly distributed sequences 
modulo m with maximal possible period length (i.e., exactly m). Both the state 
change function and the output function of these generators could be, e.g., meromor- 
phic on Xp functions (in particular, polynomials with rational, but not necessarily 
integer coefficients), or compositions of arithmetical operations (like addition, mul- 
tiplication, exponentiation, raising to integer powers, including negative ones) with 
standard computer operations, such as bitwise logical operations (e.g.,XOR, OR, 
AND, NEG, etc.). The linear complexity of the produced sequences is also studied. 



1. Introduction. 

A number of applications in computer simulation, numerical analysis (especially 
Quasi Monte Carlo) and cryptography demand regular methods to generate suc- 
cessively a uniformly distributed sequence. The corresponding literature is so vast 
that we could not even mention here the most important monographs in the area. 
We refer only [2] , where a reader could found a rather substantial survey of relevant 
methods as well as a comprehensive bibliography. The major part of these methods 
are certain recursive procedures, which may be viewed also as automata. The latter 
are commonly referred as pseudorandom (or quasirandom) generators. 

The typical one is the so-called linear congruential generator, which has been de- 
veloped more than half a century ago. It produces a sequence {xn : n = 0, 1, 2, . . . } 
over a set {0, 1, . . . , m — 1} (the latter is commonly treated as the residue class 
ring Z/m of the ring Z of rational integers modulo natural m > 1), which is a 
first order recurrence sequence, defined by Xn+i = a + bxn (mod m) with integer 
rationals a, b. The sequence is uniformly distributed iff it is purely periodic with 
period length m. The latter condition implies that each element of Z/m occurs at 
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the period exactly once; and vice versa. The necessary and sufFcient conditions a 
and b must (for a given m) satisfy to provide the maximal period length (i.e., m) 
of the produced sequence, are well known -see [2, section 3.2.1.2, theorem A]. 

The undoubtful advantage of linear congruential generators is the simplicity 
(especially for m = 2'^) of their program implementations. One of the key reasons 
of their disadvantages (e.g., lack of statistical quality of the produced sequences, for 
certain applications) is their linearity. For instance, as the state change function 
f{x) = a + bx of the generator is a polynomial of degree 1, the produced sequence 
has linear complexity 2 over the ring Z/m, i.e., it is a linear recurrence sequence of 
order 2 over Z/m (defined by Xn+2 = (1 + b)xn+i — bxn (mod m)). Hence, for each 
m the points (Sn+i Ss±i ^\ fall into the parallel planes c + X - (1 + b)Y + bZ 
(c e Z), which intersect the unit cube of Euclidean space. The well known result due 
to George Marsaglia [7] states that similar effect also holds in higher dimensions 
> 3: all the points fall into the relatively small number of parallel hyperplanes 
(rather than fill this cube more or less uniformly), and the reason is again that 
deg/ = 1. 

During the past decades these considerations stimulated the devclopement of 
various alternatives to linear congruential generators. The significant part of these 
are nonlinear congruential generators with state change function / being either a 
polynomial over Z of degree > 1, (in particular, quadratic [2], or of higher degree 
[15]), or some non-polynomial transformations, which gave rise to exponential gen- 
erators (with f{x) = a^^^)), or to so-called inversive generators, involving raising 
to negative powers (for the survey of different generators we again refer to [2]). 
Very often some authors seem to be more concerned with the linear complexity of 
the produced sequence, then with its uniform distribution, admitting non-maximal 
period length, i.e., they admit state change functions /, for which the sequence 
never reaches the period length m, and hence, in a strict sence, is not uniformly 
distributed in Z/m. In such cases the authors have not only to estimate possible 
period lengths, but also to choose the initial state (the seed) xq of the generator 
according to certain (sometimes, sophisticated) procedures, which are to assure 
logging on the suflaciently long period, rather then to choose the seed at random. 

Increasing the degree of a polynomial (as well as the use in the composition 
other arithmetical operations like exponentiation or taking an inverse) is also has 
to be paid for by certain rise of complexity of program implementation. The most 
disappointing here is that the statistical quality and complexity of the program 
implementation of the generators often occur to be in inverse dependence: the better 
the quality the slower the performance; fast generators sometimes demonstrate lack 
of quality. 

So it is still important to find new classes of functions /: Z/m ^ Z/m, for which 
the corresponding generators, 

(1) firstly, achieve maximal possible (i.e., exactly m) period length of the re- 
currence sequence defined by the relation Xn+i = f{xn) (mod m), hence 
producing uniformly distributed sequence in Z/m (we refer such transfor- 
mations / as transitive modulo m); 

(2) secondly, guarantee the suffuciently large linear complexity of the produced 
sequence over Z/m, i.e., absence of 'short' (in some definite sence) linear 
dependencies of the form CiXn+i = (mod m) (n = 0, 1, 2, . . . ) among 
the members of the sequence; 
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(3) and, thirdly, basically arc 'casy-to-iniplcrncnt', namely, arc; 'flexible', i.e., 
have certain (critical to the performance) parameters, varying which it is 
possible to gain speed without loosing quality. 

The paper presents wide classes of transformations / which to some extend satisfy 
these conditions. 

At the first turn we obtain transitivity modulo m conditions for functions, which 
could be implemented as compositions of arithmetical operations (addition and mul- 
tiplication of integers), as well as of standard computer ones, like bitwise logical 
operations, shifts, masking, etc. These compositions might involve as well exponen- 
tiation and taking a multiplicative inverse, hence, raising to negative powers (see 
4.9, 4.11, 2.5) and/or OR,XOR, AND, etc., see 2.5, 2.8. 

In particular, we describe wide classes of transitive modulo m functions which 
could be expressed as integer- valued polynomials with rational (and not necessarily 
integer) coefficients (see 4.7), as well as by analytic functions (4.11, 4.9, 2.5) or 
mcromorphic (in particular, raional) functions (4.9, 4.11, 4.12). These conditions 
are casy-to-vcrify, and with the use of them the various explicit formulae for transi- 
tive modulo TO transformations could be (and are) obtained - see e.g. 2.3, 2.4, also 
2.5 2.8 (as well 4.11, 4.12) together with 2.1, and other examples here and there in 
the paper. 

To illustrate, we start with some of these examples: theorem 2.7 together with 
lemma 4.11 imply that each transformation / of the form 



is transitive modulo to, = 2^ for all k = 1,2, .. . and for arbitrary composition g of 

(1) arithmetical operations — an addition (y, z) i-^ y + z, a, multiplication 
(y, z) t-^ yz, an exponentiation {y, z) i-^ {1 + 2yY (in particular, taking an 
inverse y i-^ (1 + 2y)~^), 

(2) bitwise logical operations — such as conjunction {y, z) i— > y AND z, disjunc- 
tion [y, z) yO^z, exclusive 'or' [y, z) ^ j/XOR^;, negation z i— > NEG^;, 
etc., 

(3) machine operations (which could be derived from the bitwise logical ones) 
— an s-step shift towards most significant bits z h- > 2^z, masking z i— > 

2; AND M , M being a mask, 'reduction modulo 2*', i.e., a truncation of the 
most significant bits z ^ z mod 2" = z AND(2'' — 1), and some others. 

We assume here that all the operands are non-negative integer rationals which are 
represented as base 2 expansions; so, for instance, 2 = 1X0R3 = 2 AND 7 = 
NEG13 (mod 8), 3"! = 11 = -5 (mod 16), 3"^ = 3" = 3"^ = 11 (mod 16), 
etc. Up to this agreement the functions g and / are correctly defined on Z/to, the 
efficiency of their program implementation depends only on the number of 'fast' 
and 'slow' operations in the composition g and hence one may vary it in wide range 
to achieve the desired performance. 

We emphasize, in the example just mentioned the transitivity modulo to = 2*^ 
does not depend neither on k nor on actual form of the composition g — both for 
g{x) = a:X0R(2a; + 1) and for 



f{x) = l+x + 2{g{x + l)-g{x)) 
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the sequence defined by the recurrence relation Xn+i = 1 + a;„ + 2(g(x„ + 
1) — g{xn)) (mod 2*^) is uniformly distributed in for each k = 1, 2, 3 Ac- 
tually, this sequence is strictly periodic with period length 2*^, and each element of 
{0, 1, . . . ,2*^ — 1} occurs at the period exactly once. 

Similar assertions also hold for arbitrary composite m: e.g., 4.11 and 4.12 imply 
that the transformation 

f{x) = l+x + TT{mfu{x){l + 7r(m)i;(x))"'(^) 

with 7r(m) being a product of all prime factors of m, is transitive modulo m for 
arbitrary polynomials u{x),v{x),'w{x) G Z[x] over Z. A variety of results of such 
kind may be obtained in much more general situation for integer- valued polynomials 
with rational (not necessarily integer) coefficients by applying the techniques of 
section 4. 

Note that this example also demonstrates how by minor changes of the recurrence 
relation one may achieve the transitivity of both inversive generator (for which 
f{x) = a + bx~^ or /(x) = {a + bx)~^) and exponential generator (with /(x) = o"^): 
for w{x) = ccmst = — 1 the introduced generator is of inversive type, for v{x) = 
const it is of exponential type. 

As for linear dependencies J21Zq CiXn+i = (mod m) (n = 0, 1, 2, . . . ) of fixed 
length r in produced sequences {x„ = /(x„_i) (mod m) : n = 1, 2, . . . }, one may 
say that from this view among all congruential generators linear ones are rather 
exceptions than the law. For instance, if /: Z — > Z is represented by a transitive 
modulo some prime power m = p'' (fc > 3) polynomial of degree > 2 with integer 
rational coefficients, no such dependencies with r and c^ not depending on k do 
exist. Moreover, in this case the minimal order of linear recurrence sequence over 
Z/p*^, which represents the produced sequence, tends to infinity together with k (in 
fact, much more general result holds see 5.1-5.4 for exact statements). 

The paper also studies equiprobable modulo m functions, i.e., mappings F of 
the sth Cartesian power (Z/m)^^^ onto the tth Cartesian power (Z/m)(*) of the 
ring Z/rn, (s > i), such that all prcimages of all elements are of the same cardinal- 
ity. In particular, for s = t equiprobable modulo m functions are bijections of the 
corresponding rings and throughout the paper are referred as bijective modulo m 
functions. A very particular case of the equiprobable modulo m functions studied 
here are so-called permutation polynomials modulo m, the latter being polynomi- 
als over Z which induce bijections of the ring Z/m onto itself. The results of the 
paper concerning equiprobability modulo m generalize known [8] results on permu- 
tation polynomials to much wider classes of functions. The study was motivated 
by the observation that application of equiprobable modulo m functions as output 
functions to uniformly distributed in Z/M periodic sequences with period length 
M leads to new uniformly distributed in Z/iV (with N\M) sequences of the same 
period length M. In other words, each element of Z/N occurs at the period of 
such sequence the same number of times (but not necessarily once) . Hashing with 
equiprobable modulo m functions the sequences, generated by already introduced 
methods, seems to be useful to design secure stream ciphers. Yet this will be an 
issue of the forthcoming paper and is out of the scope of the present one. 

Note that proofs of our basic assertions imply yi-adic techniques. The problems 
stated above are firstly restated in these terms. Actually the paper studies ergodic 
with respect to the Haar measure (as well as preserving this measure or equiprobable 
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with respect to it) functions, which arc defined on (and wliich take values in) tlie 
space Zp of all p-adic integers, and which are non-expanding functions, i.e., satisfy 
Lipschitz condition with coefficient 1. Prom this view the results of the paper 
could be of interest for non- Archimedean dynamical systems theory: a number of 
statements could be easily interpreted as descriptions of ergodic dynamical systems 
with discrete time and with Zp as a phase space. 

The paper continues the study started in [11]: here we prove some results an- 
nounced in [11, 12, 14, 17] and establish new ones. Moving towards exact state- 
ments, for reader's convenience we recall some facts from the p-adic analysis and 
the theory of uniform distribution of sequences, following [6], [3] and [2]; we recall 
some necessary results, definitions and notations from [11] as well. 

Here and after let p be a prime number. Consider a canonic representation 
z = zo + zip + Z2P^ + ■ ■ ■ of p-adic integer z ^ 0, where Zj S {0, 1, . . . ,p — 1} {j = 

0. 1, 2, . . . ); we denote ordp z — minjj : Zj ^ 0} the exponent of a maximal power 
of p which is a factor of z. By definition, ||z||p = j;^"''dp^ is p-adic norm of z, 
||0||p = 0. The valuation || ||p could be expanded to the whole field Qp of p-adic 
numbers (which is a quotient field of the ring Zp of p-adic integers) in a standard 
way; so this valuation induces on Qp a distance dp{u, v) = \\u — t;||p, with Qp being 
a completion of the space Q of all rationals with respect to this distance. Note that 
often they use another terminology, where a distance is called a metric, a p-adic 
norm is called a p-adic value, whereas the term 'p-adic valuation' is reserved for 
ordp. However, throughout the paper we mainly use the terminology of [3], with 
the only exception, speaking of 'p-adic norms' instead of 'p-adic values'. 

The ring Zp = {u G Qp : ||w||p < 1} is compact in the space Qp, being a closure 
of the set No = {0,1,2,...}. Hence, Zp is a separable compact metric space. 
The set of all coscts with respect to all ideals of the ring Zp forms a base of the 
corresponding topology. Each coset a + p'^Zp (a £ Zp, fc = 0, 1, 2, . . . ) is an open 
(and simultaneously closed) ball of radius p~'^. 

There exists a natural measure /i on Zp: putting ^{a + p'^ljp) = p~'^, we then 
expand /U to the correponding a-ring generated by all compact subsets of Zp (these 
compact subsets are exactly all closed subsets of Zp). So we define uniquelly a 
measure on Zp, which is non- negative cr-additive regular normalized Borel and 
Haar measure in this case. Thus, /z is a natural probability measure on Zp. The 
probability measure on n-dimensional space could be defined in a similar way 
as a corresponding normalized Haar measure. 

Now let /: Zp ^ Zp be a function, which preserves all congruences of the ring Zp, 

1. e., aOb implies f{a)9f{b) for each congruence 9 and all a,b € Zp. As each nontrivial 
congruence of the ring Zp is an equivalence modulo certain ideal p'^Zp (we denote 
this congruence via • = • (mod p*')), it can be easily shown that the function / 
preserves all the congruences of the ring Zp iff it satifies Lipschitz condition with 
coeflflcient 1: \\f{x) - f{y)\\p < \\ 

•'^ ~ yllp- Function preserving all congruences of 
a universal algebra is called compafAble: we will use this term instead of the term 
'conservative' of [11], since the latter in numerous papers on algebraic systems has 
another meaning, see [8, p. 45]. 

The class of all compatible functions on Zp is rather wide: it contains all func- 
tions represented by polynomials with rational integer or p-adic integer coefficients, 
integer-valued analytic on Zp functions, as well as integer-valued and meromorphic 
(in particular, rational) on Zp functions with denominators equivalent to modulo 
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p at no point of Zp. Some other examples will be introduced further in the paper. 

Recall that a function, which is defined on some field F, and which takes values 
there, is called integer-valued iff all its values are integers of F providing arguments 
take integer values in F. Further we study integer- valued functions on the field Q^; 
hence they map Zp into Zp. In particular, we study integer-valued functions on Q. 
A polynomial over a field F is called integer-valued iff it induces an integer- valued 
function on F. Note that integer-valued function f on F defines on the ring Z of 
all integers of a function f\z Z Z, which is not necessarily compatible on Z, 
i.e., does not necessarily preserve all congruences of Z; yet, if f\z is compatible as 
a function on Z, then (in cases which do not lead to misunderstanding) we also call 
/ compatible. Moreover, if a compatible integer-valued function / could be defined 
by a polynomial over F, we call compatible the corresponding polynomial too. 

Note that the notion of compatible integer-valued function could be naturally 
expanded to the multivariate case — a valuation (and hence, a distance) on the 
space Zp induces a (pseudo)-valuation (hence, a distance) on the n-dimensional 

space Zp"^ in a standard manner: for u = {m, . . . ,u„) G Zp"^ we assume ||u||p = 
max{||uj||p -.1=1,2,..., n}. So, the function 

i^=(/i,--.,/m):4"^-ZM 

is compatible iff it satisfies Lipschitz condition with coefficient 1. In particular, all 
compatible on Zp functions are continuous as functions of p-adic variables. 

This obvious conclusion is important for applications. Each machine word, i.e., 
a word of some finite length in the alphabet {0, 1}, could be treated as a 2-base 
expansion of a non-negative integer rational. Then all the above mentioned bitwise 
logical operations and machine operations could be naturally continued to the set 
Z2 of all 2-adic integers in their canonic representations. Moreover, the above men- 
tioned arithmetical operations could be continued to Z2 cither. It could be easily 
demonstrated that all these operations (to be more precise, their uniquelly defined 
continuations to Z2) and all their compositions are compatible (hence, continuous) 
integer-valued functions on Z2: for exponentiation {y,z) <—>■ (1 + 2?/)^, and, in par- 
ticular, for the inversion y {1 + 2y)~^ see 4.11, for the rest the assertion follows 
immediately from the corresponding definitions. We note here that an m-step shift 
towards less significant bits (i.e., the operation \_-:^\ of 'integer division', a division 
succeeded by a truncation of the fractional part of the quotient) is not compati- 
ble, yet continuous, integer-valued function on Z2 (hence the results of the paper 
remain valid for compositions including the latter operation either, providing the 
whole composition is compatible). 

These considerations give an opportunity to apply, while studing compositions 
of the above mentioned operations, certain methods of non- Archimedean (p-adic) 
analysis. Certainly, these techniques could be applied only to problems which are 
stated in appropriate terms (measures, distances, limits, derivatives, etc.). 

It turnes out that some properties of functions, which traditionally have been 
treated as discrete mathematics issues, could be restated in these terms. We have 
already introduced one of such properties, namely, compatibility. It worth a brief 
notice in this connection that so-called 'determinate functions on superwords' of 
automata theory (which are functions defined on infinite sequences of {0, 1}) after 
natural identification of superwords with elements of Z2 could be considered as 
compatible functions on Z2. 
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There exist other properties which could be restated in such manner. Wc con- 
sider a property of a compatible function F = (/i,... ,fm)-'Zp^"^ — * Zp*^™-* to 
be equiprobable modulo . The latter by definition means that the function F 
induces on the nth Cartesian power {Z/p'')^^^ of Z/p^ an equiprobable function 

F = (/i,... ,/,„): (Z/p'')(") ^ (Z//)('"), i.e., each point of (Z//)^"^ has the 
same number of i^-preimages in (Z/p'^)*'"''. In particular, for m = n equiprobable 
modulo p'' functions are exactly bijective modulo p'^ functions. We consider also an 
important (especially for pseudorandom generation) property of a bijective mod- 
ulo p'^ fmiction F to be transitivite modulo p'' , which means that F induces on 
(Z/p'^)'"^ a single cycle permutation. Note that while defining notions of equiprob- 
ability, bijectivity or transitivity of a function F modulo p'^, we have assumed the 
compatibility of F. 

A value of induced function fi{x) in the ring Z/p'^ is, by definition, fi{x) mod 
p'^, the least non-negative residue modulo p'^ of ,fi{x), i.e., fi{x) modp*^ = a € 
{0, 1, . . . — 1}, with — a\\p < p^^ . In view of compatibility of the func- 

tion /j, the value of the function fi{x) does not depend on choice of the repre- 
sentative a; in a coset of the ring Zp"' with respect to the ideal (p'^Zp)^"^; hence, 
the fimction F correctly defines on (Z/p'^)'^") a function F mod p*^ = ifii^) niod 
p'',--- , fm{x) modp*^), which takes values in (Z/p'^)^'"). Throughout the paper 
the latter function is denoted via F modp'^, or via F, when it does not lead to 
misunderstanding. 

Now recall some definitions of the theory of measurable functions (cf. [1]). Let S 
and T be spaces with nonnegative normalized measures and r, respectively, and 
let f-.S^Thea, measurable function, i.e., each full /-preimage f~^{U) oiU QT 
is /i-measurable for each r- measurable U. 

We say that the function / is (^, t)- proportional, iff for each pair of r-measurable 
subsets [/, y C T the equality t{U) = riV) impHes the equality ii{f~^{U)) = 
l^{f~^{V)). In case both /x, r are probability measures (e.g., are properly normalized 
Haar measures), then / is called {ij.,t)- equiprobable (or equiprobable with respect to 
H and r) ifl[ n{f-^{U)) = t{U) for each r-measurable U CT. For 5* = T and 
fi = T we say that / preserves measure iff fj,{f~^{U)) = niU) holds for each 
/U-measurable U. Finally, if / preserves measure n, and for /x-measurable subset U 
the equality f~^{U) = U imphes that either iJi{U) = 0, or /u(J7) = 1, we say that / 
is fx-ergodic (or ergodic with respect to /x). 

Note that in metric theory instead of terms 'measure-preserving function' or 
'equiprobable function' they often use terms 'metric cndomorhism' and 'nicitric; 
homomorphism', and in dynamical systems theory they sometimes speak about 
'metric transitivity' instead of ergodicity. Since throughout the paper we deal 
with the only measure, the properly normalized Haar measure, we omit mentioning 
this measure, so preserving the Haar measure, equiprobable (accordingly, ergodic) 
with respect to the Haar measure functions are referred as measure-preserving, 
equiprobable (or, accordingly, ergodic). 

The following theorem holds: 

1.1 Theorem. A compatible function i^iZp*-"^ lip^™'^ is equiprobable {respec- 
tively, measure-preserving or ergodic) iff it is equiprbable {respectively, is bijective 

or transitive) modulo p^ for all k = 1,2, A compatible and measure-preserving 

function F is bijective {consequently, is a metric automorphism); moreover, it is 
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an isometry of the space Zp' . 

Note that further throughout the paper while proving ergodicity (equiprobabil- 
ity) of a compatible function with respect to the Haar measTirc we actually prove its 
transitivity (equiprobability) each modulo p*^, k = 1,2, ... , i.e., directly establish 
the properties we are interested in view of the problems mentioned above. That is 
why we omit the proof of this theorem 1.1: it is not related directly to the aims 
of this paper. Nevertheless throughout the paper we use the relevant terminology 
(e.g., we commonly speak of 'ergodicity' instead of 'transitivity modulo p'^ for all 
fc = 1,2,...', etc.) 

In connection with theorem 1.1 it is worth noticing, however, that the results 
of the paper related to description of measure-preserving or ergodic functions may 
be treated as description of non- Archimedean (i.e., ultrametric) dynamical systems 
(Z^"' , F) with phase space Zp"'', discrete time, and with nonexpanding F (i.e. for 
each pair of points a, b a distance between their F-images F{sl) and F{h) does not 
exceed a distance between these points). In this scncc theorem 2.2, for instance, 
might be condidered as a complete description (in terms of explicit formulae) of 
ergodic dynamical systems of the above mentioned kind when p = 2 and n = 1; 
together with theorem 3.11 it gives full description of twice integer-valued (i.e., 
having everywhere integer-valued derivative) ergodic dynamical systems. These 
themes, however, are not covered by this paper and will be considered in forthcom- 
ing one. 

Returning to the leading theme of the paper we note that for a wide class of 
compatible functions, which are in some (properly defined in section 3) sence gen- 
eralizations of uniformly differentiable on Zp functions, the bijectivity modulo of 
a function for a certain k is equivalent to the property of being measure-preserving; 
the latter is equivalent to its bijectivity modulo p'^ for all k = 1,2,3, .. . . The 
property of being transitive modulo p'^ for a certain k turned out to be equivalent 
to the ergodicity of a function; the latter implies that the function is transitive 

modulo p'' for all k = 1,2,3, Finally, the equiprobability of a function modulo 

p*^ for a certain k implies its equiprobability with respect to the Haar measure; the 
latter property is equivalent to equiprobability modulo p'^ for all k = 1,2,3.... 
The results of this kind are proved in section 3. 

These results demonstrate the same remarkable effect originally cnlighted by 
Hensel lemma: the Hensel lift, that is, a situation when a behavior of a function 
modulo p''° for a certain ko controls its behavior modulo p'' for all k = ko + 
l,ko + 2, . . . and on the whole space Zp. This effect have been already observed 
while studying transitivity of some transformations. For instance, the necessary 
and sufficient conditions for the polynomial f{x) = a + bx with integer rational 
a,b (see e.g., [2; 3.2.1.2, theorem A]) could be restated as follows: a polynomial 
a -|- 6x is transitive modulo p'' for some (that is, for all) /e > 2 iff it is transitive 
modulo p for odd p or, respectively, modulo for p = 2. The general criterion 
for the transitivity modulo p'' of the polynomial / of arbitrary degree over integer 
rationals [15] demonstrates this effect either: for p ^ 2, 3 a polynomial / is transitive 
modulo p*', > 3, iff it is transitive modulo p^; respectively, for p = 2 or p = 3 
— iff it is transitive modulo p^. Note by the way that the latter result holds for a 
much wider class of functions, even not necessarily analytic (see 4.9-4.10). 

The results of section 3 show that Hensel lift of such properties as bijectivity or 
transitivity modulo p'^ is basically due to the specific character of p-adic distance 
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and holds for various rather wide classes of functions. The values of ko from which 
the lift starts are estimated in section 4. 

The results of this kind are useful if for a given / one has to establish whether 
it shares some property (e.g., transitivity or bijectivity) modulo p'^ for a definite 
rather large k, for which direct verification is not accessible. However, if one needs 
to construct out of prescribed operations a certain function, which is to be tran- 
sitive or bijective modulo p'', then explicit formulae are more convenient. Such 
formulae for bijective modulo 2*^ polynomials over Z were obtained in [13], for 
transitive modulo 2*^ polynomials over Z — in [15]. Explicit formulae for ergodic 
or measure-preserving compatible functions (in particular, for compatible integer- 
valued polynomials over Q), which are defined on (and take values in) Z2 were 
obtained in [11]. The current paper presents explicit formulae for compatible er- 
godic (or measure-preserving) functions on Zp for odd p — see the next section. 

2. Explicit formulae 

Recall (see [3]) that each function /:No — > Zj, (or, respectively, /:No Z) 
admits one and only one representation in the form of so-called interpolation series 



i=0 



where ( ^ j = — for « = 1, 2, . . . , and 1^1 = 1; Oi e Zp 

(respectively, Oj G Z), i = 0, 1, 2, . . . . 

If / is uniformly continuous on No with respect to p-adic distance, it can be 

uniquely continued to the uniformly continuous function on Zp. Hence the inter- 
polation series for / converges uniformly on Zp. The following is true: the series 

fi^) = Si^o^'^i)' ("-i G Qp, i = 0, 1,2, . . . ) converges uniformly on Zp iff 

p p 

lim ttj = 0, where lim is a limit with respect to p-adic distance; hence the uni- 

formly convergent series defines a imiformly continuos function on Zp. The latter 
function is integer- valued iff G Zp for alH = 0, 1, 2, . . . . 

Further throughout this section we assume that the function /:Zp Zp is 
uniformly continuous on Zp, and that it is represented by series {(}). The following 

three criteria hold (see [11]): 

2.1 Theorem. (See 4.3 of [11]; cf. [5]) A function f:Zp Zp is compatible iff 

ai=0 (modpL'°Sf*J) 

for all i = p, p + 1, p + 2, . . . . (Here and after for a real a we denote [a\ an 

integral part of a, i.e., the nearest to a integer rational not exceeding a.) 

2.2 Theorem. (See 4.5 of [11]) A function f: Z2 — > Z2 is compatible and measure- 
preserving iff it could be represented as 



00 / \ 

/(a;) = co + x + ^c.2L'°s^^J+iQ, 



where cq , ci , C2 . . . G Z2 . 
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2.3 Theorem. (Sec 4.7 of [11]) A function /:Z2 — *■ Z2 is compatible and ergodic 
iff it could be represented as 

00 

/(a;) = l + a; + ^Ci2Li°S2(i+i)J 

where cq, ci, C2 . . . S Z2. 

For an arbitrary prime p the necessity of condtions of theorems 2.2 and 2.3 docs 
not hold, yet the sufHcientness remains true. Namely, in this section we prove the 
following: 

2.4 Theorem. Let p be an odd prime. A function f: Zp Zp, which is represented 
in the form {(}), is compatible and measure-preserving if the following congruences 
hold simultaneously: 

ai ^ (mod p); 
ai = (modpL^°*5p'J+^), (i = 2,3,...). 

The function f if compatible and ergodic if the following congruences hold simul- 
taneously: 

ao ^ (mod p); 
ai = 1 (mod p); 
ai = (mod pNp(i+i)J+i)^ (i = 2,3,...). 



For the proof of the theorem we will need two additional results which are of 
interest by their own. 

2.5 Lemma. Let p be an arbitrary prime, let v. Zp ^ Zp be a compatible function, 
and let c,d be p-adic integers, with c ^ (modp). Then the function g{x) = 
fi + ex + pv{x) preserves measure, and the function h{x) — c + x + pAv{x) is 
ergodic. (Here and after A is a difference operator: Av{x) = v{x + 1) — v{x). 
Note that both g and h are obviously compatible since they are compositions of 
compatible functions.) 

Proof of the lemma 2.5. Firstly by induction on I wc show that g is bijective modulo 

for ain = 1, 2, 3, . . . . The assumption is obviously true for / = 1. 

Assume it is true for Z = 1, 2, . . . , fc — 1. Prove that it holds for Z = fc either. 
Let g{a) = g{b) (mod p*^) for some p-adic integers a, 6. Then a = b (modp*^"^) 
by the induction hypothesis. Hence pv{a) = pv{b) (mod p'^) since v is compatible. 
Further, the congruence g{a) = g{b) (mod p*') implies that ca-\-pv{a) = cb-\-pv{b) 
(modp*^), and consequently, co = cb (modp*^). Since c ^ (modp), the latter 
congruence implies that a = b (mod p'^), proving the first assertion of the lemma. 

To prove the rest part of the statement we note firstly that the assertion just 
proven implies that h preserves measure. To prove the transitivity of h modulo p*' 
for all /c = 1, 2, 3, . . . we apply induction on k once again. 

It is obvious that h is transitive modulo p. Assume that h is transitive modulo 
p*'"^. Then, since h induces a permutation on Z/p'^ and since it is a compatible 
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function, wc conclude that the length of each cycle of this permutation must be a 
multiple of p*^"^. So to prove this permutation is single cycle it is sufficient to prove 
that the function 

hP''~\x) = h{h...{h{x))...) 
V ' 

pk—l 

induces a single cycle pcrmuation on the ideal generated by the element 

p''~^ of the ring Z/p'^. In other words, it is sufficient to demonstrate that the 
function -^^h^ {p''~^x) is transitive modulo p. 

Applying obvious direct calculations, we successively obtain that 

h^{x) = c + X +pv{x + 1) — pv{x), 



{x) = h{h^-\x)) =cj + h^-\x)+pv{h^-'^{x) + l)-pv{h^-\x)) 

= cj + x+pJ2vif^\x) + l)-p^v{h\x)), 

i=0 i=0 

and henceforth. We recall that h^{x) = a; by definition. So, 

hP''~\x) = cp''-'^ + X + p v{h'{x) + l)-p ^ v{h\x)). (1) 

i=0 i=0 

Since h is transitive modulo p''~^ and compatible, we get now that 

J2 v{h'{x) + l)= ^ v{h\x))= (mod /-I), 

i=0 i=0 z=0 

and (1) implies then (x) = cp'^^^ + x (mod p^). But c ^ (mod p), so wc 

conclude that the function cp'^~^ + x induces on the ideal (p''"^) a single cycle 
permutation, thus proving the lemma. □ 

2.6 Corollary. Under the assumptions of lemma 2.5, let p be an odd prime, and 
let r = l(modp). Then the function c + rx +pAv{x) is compatible and ergodic. 

Proof of the collorary 2.6. We have that r = 1 + ps for a suitable s £ Zp. Now, 
since p is odd, the function 5(2) is compatible; consequently, the function v\{x) = 
5(2) +v{x) is compatible either. Yet Awi(a;) = sa; + Aw(a;), and it is sufficient now 
to apply lemma 2.5 to finish the proof of the corollary. □ 

Proof of the theorem 2. 4. Note that according to 2.1 a compatible function v{x) 
could be represented as 

C30 

2 = 1 
11 




where 0,61,62,... £ Zp. As [logpij = [logp(i + 1)J for alH = 1,2,... with the 
exception of i = p* — 1, {t = 1,2,3, .. . ), and as 



we finish the proof of the theorem, applying 2.5 and 2.6. □ 

For p = 2 the results just proven imply one more useful criterion of ergodicity of 
a function (or being measure-preserving). 

2.7 Theorem. A function f-.'Li Z2 is compatible and preserves measure {re- 
spectively, is compatible and ergodic) iff it can be represented in the form f{x) = 
c + X + 2v{x) {respectively, in the form f{x) = 1 + a; + 2Aw(a;)), where c G Z2 and 

v{x) is a compatible function. 

Proof. Follows easily from 2.1-2.3 and 2.5 in combination with (1) of the proof of 
the theorem 2.4. □ 

Both 2.5-2.6 and theorem 2.7 could be applied to consruct measure-preserving 
or ergodic functions as compositios of given compatible functions. For instance, 
putting v{x) = (a;^) XOR(a; + 32 AND a;) (this function is compatible as a compo- 
sition of compatible functions) we conclude that the function 

7 X -f 2((x2 + 2x + 1) XOR(a; + 1 + 32 AND(x -H))) - 2{x^ XOR(x + 32 AND x)) 

is ergodic. This conclusion is not very easy to verify by direct application of theo- 
rems 2.2 or 2.3. 

By the way, for p = 2 the statement of theorem 2.7 could be slightly modified 
to make it a little bit more convenient for the construction of ergodic functions out 
of addition and bitwise logical operations (like bitwise exclusive 'or', XOR, bitwise 
'and', AND, or bitwise negation NEG). Namely, it could be easily seen that in the 
ring Z2 there holds an identity z + 'NEG{z) = —1. Hence, Av{x) = v{x + l) — v{x) = 
v{x + 1) + NEG(v(x)) -|- 1, and we obtain the following 

2.8 Proposition. A function f: TLi Z2 is compatible and ergodic iff it can be 
represented in one {hence, all) of the following forms f{x) = 1 + x + 2{v{x + 1) + 
NEGt;(a;)) =2 + x + 2v{x + 1) + NEG(2w(a;)) = 3 H- a; -|- 2t;(a; -|- 1) -|- 2NEGv{x), 
where v: Z2 — > Z2 is an arbitrary compatible function. 

Since multiplication by 2 is just a 1-digit shift of 2-base expansion of a number 
towards senior bits, the proposition 2.8 could be applied to construct pseudorandom 
number generators out of the 'fast' computer commands, like addition, bitwise 
logical oherations and shifts towards senior bits, by implementing the function v as 
a composition of them. 

It worth noticing also that all the functions described in 2.4 - 2.8 are 'affine 
modulo p', i.e., induce on Z/p a transformation of the form x a + bx. 



This section studies conditions when a function of an important class of uniformly 
differentiable modulo p'' functions (which are properly defined below), is equiproba- 
ble, measure-preserving or ergodic. As a rule, the results of the section demonstrate 




00 



(1) 



3. Hensel lift. 
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the effect of Henscl lift, mentioned in the introduction: speaking loosely, if a func- 
tion F has some property modulo p''° then it has this property modulo p" for all 
n > ko. Besides, it worth noticing here that the results of this section, contrast- 
ing those of the previous one, provide some tools to construct measure-preserving 
or ergodic functions which are not necessarily afSne modulo p. In fact, a certain 
techniques based on the ideas of this section could be developed; these techniques 
enables one 'to lift' an arbitrary transitive transformation of the ring 'Z/p'^" to the 

function on Zp, which is transitive modulo p'^ iov all k = ko,ko + l,ko + 2, This 

is the main reason we introduce a notion of asymptotically compatible function 
below. However, the techniques themselves are not discussed here being left to the 
forthcoming paper. 

Firstly, recall some generalizations of our basic notions (see 5.1 of [11]). 

3.1 Definition. Let F = (/i, . . . , /„): Zp"' Zp"' be a function, not necessarily 
compatible. The function F is called (asymptotically) equiprobable. iff for all A: = 
1,2,... (respectively, for all sufHciently large fc S N) it is equiprobable modulo p'^, 
that is, the restriction F mod p'^ = (/i mod p^ ■ ■ , fm mod p'') of the function F to 
the set {0,1,... ,/-l}(") is an equiprobable function. (Note that in cases which do 
not lead to misunderstanding we identify the set {0, 1, . . . — 1}'"' with the set of 
all elements of the ring (Z/p'^)^")). By the analogy, we say that F is asymptotically 
measure-preserving (respectively, that F is asymptotically ergodic), iff i^modp*^ 
is a bijective (respectively, transitive) transformation of the ring (Z/p'')^") for all 
sufficiently large k. Lastly, we say that F is asymptotically compatible iff there 
exists positive integer rational N such that for all a, b G Zj,"' and all A: > A'' a 
congruence a = b (mod p'^) implies a congruence -F'(a) = F{h) (mod p^). 

By definition, for a = (ai, . . . , a„) and b = (6i, . . . , 6„) of Qp"^ the congruence 
a = b (mod p^) means that \\ai — bi\\p < p~^ (or, the same, that a, = 6, + Cjp* for 
suitable c, e Zp, z = 1, 2, . . . , s); that is ||a — b||p < p^^. In other words, a function 
is asymptotically compatible iff for some N G No it satisfy Lipschitz condition with 
coefficient 1 for each pair of points which are at least as close one to another as 
p~^ . Since Zp"^ is compact, F is asymptotically compatible iff it satisfy Lipschitz 
condition with coefficient 1 locally. 

Now for reader's convenience we recall some facts of [11]. A function F = 
(/i,... ,/to):Zp"-' — > Zp™-* is called differentiable modulo p'^ at the point u = 
(ui, . . . ,Un) G Zp"\ iff there exist a positive integer rational N and n x m matrix 

(u) over Q,, (called a Jacobi matrix modulo p^ of the function F at the point u) 
such that for each positive integer rational K > N and each h = {hi, . . . , hn) € Zp"' 
the inequality ||h||p < p~^ implies a congruence 

F(u + h) = F{u) + hF;(u) (mod p'=+^). {^) 

In case m = 1 a Jacobi matrix modulo p'' is called a differential modulo p^ . 
In case m — n a determinant of Jacobi matrix modulo p^ is called a Jacobian 
modulo p^ . The elements of Jacobi matrix modulo p*^ are called partial deriva- 
tives modulo p^ of the function F at the point u. A partial derivative (respec- 
tively, a differential) modulo p^ are sometimes denoted as ^^q^'^ (respectively, as 
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The definition immediately implies that partial derivatives modulo p'' of the 
function F are defined up to the p-adic integer summand which j3-adic norm does 
not exceed p~''. In cases when all partial derivatives modulo p'^ at all points of 
are p-adic integers, we say that the function F has integer-valued derivative modulo 
p^\ in these cases we can associate to each partial derivative modulo p^ a unique 
element of the ring TLjp^ ^ and a Jacobi matrix modulo p^ at each point u e Zp"^ 
thus can be considered as a matrix over a ring Ijjp^ . 

Under the latter agreement the 'rules of differentiation modulo p^'' have the same 
(up to congruence modulo p^ instead of equality) form as for usual differentiation. 
For instance, if both functions G: Zp*^ — *■ Zp"^ and F: Zp"'* — » Zp™-* are difierentiable 
modulo p^ at the points, respectively, v — (wi, . . . ,i;s) and u — G'(v), and their 
partial derivatives modulo p^ at these points are p-adic integers, then a composition 
F o G: Zp*^ — » Zp"*^ of these functions is uniformly difierentiable modulo p'' at the 
point V, all its partial derivatives modulo p'^ at this point are j>adic integers, and 

oG);(v)^G',(v)i^^(u) (mod/). 

By the analogy with classical case we define for the function F a notion of 
uniform differintiability modulo p^ on Z^"^ the least e N such that ip) holds 
simultaneously for all u G Zp"-*, whereas \hi\\p < p~^ , {i = 1,2,... ,n), is denoted 
via Nk[F). The latter number plays an important role in further coniderations. 

We recall that accordingly to 2.12 of [11] all partial derivatives modulo p'^ of the 
uniformly difFerentiable modulo p^ function F are periodic functions with period 
pNk{F) 'j'jjjg particular implies that each partial derivative modulo p^ can be con- 
sidered as a function defined on 'Ljp^''^^^ . Moreover, if F = (/i, . . . , /m): Nq"^ — > 
Ng"*^ could be continued to a function on the Zp"^ , which is uniformly differentiable 
modulo p^ on the whole space Zp"-* , this continuation could be done simultaneously 
with all its (partial) derivatives modulo p^ . 

Here and after in this section let F = (/i, . . . , /„): Zp"' Zp"^ and /: Zp"^ 
Zp be functions, which are uniformly differentiable on modulo p. This is 
relatively weak restriction since all uniformly differentiable on Zp"-* functions, as 
well as functions, which are uniformly difFerentiable on Zp"-* modulo p^ for some 
> 1, are uniformly difFerentiable on Zp"'' modulo p. 

(n) 

The examples of functions which are not uniformly differentiable on Zp , yet 
are uniformly difFerentiable on Zp"^ modulo p, are the Function f{x,y) = xXORy 
For p = 2 and its corresponding analogs for p ^ 2; all partial derivatives modulo 
p oF these Functions are congruent to 1 modulo p at all points (see [11]). Note by 
the way, that previously introduced function modp":Zp — > Z/p", the 'reduction 
modulo p"\ is uniformly difFerentiable on Zp (its derivative is at all points); the 

Function f{x,y) = xANDy is difFerentiable modulo 2 at no point of Zj , yet it 
is uniformly difFerentiable with respect to x For each y € Z: its derivative is For 
y > 0, and it is 1 in the opposite case. 

It turnes out that properties oF being asymptotically compatible or asymptoti- 
cally measure-preserving impose certain restrictions on p-adic norms of derivatives 
modulo p of a given Function. 

3.2 Proposition. If the function f: Zp — > Zp asymptotically preserves measure, 
then ||/i(w)||p ^ 1 at all points u e Zp. 
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Proof. Since a derivative modulo p*^ of the func;tion / is periodic; with period jr^'-'^^\ 
it is sufficient to prove the proposition assuming m e Nq. Definition of differentia- 
bility modulo p'^ implies that for K > Ni (/) and for m € No the congruence 

f{u + h)=f{u) + hf[{u) (modp^+1) (1) 

holds as soon as \\h\\p < . Assuming < 1 for some u € No, the 

condition f[{u) = (mod p) and congruence (1) imply that ,f{u+p^) = f{u) 
(mod The latter congrunce means that for all K > Ni{f ), such that u + 

pK ^ +1 _ 1^ tiie function / is not bijective modulo A contradiction. □ 

3.3 Corollary. // under the assumptions of 3.2 the function f is uniformly 
differentiable, then \\f'{u)\\p > 1 for all u GZp. 

Proof. Definition of a derivative modulo p immediately implies that 

f[{u)=r{u) (modp) 

for all u e Zp. Thus f'{u) = fi{u) + ps{u) for a suitable function s: Zp — > Zp. Yet 
if ||/i(w)||p > 1, then the latter equality obviously implies that ||/'(w)||p > 1 by the 
properties of p-adic distance. Now the conclusion follows from 3.2. □ 

The inverse of 3.2 is not true: an obvious counterexample gives the function 

2 _ 

^2- It vanishes both at and at 1, but the 2-adic norm of its derivative 
is 2 everywhere on Z2. Nevertheless, functions of this kind are locally injective. 
Namely, the following is true: 

3.4 Proposition. If the functionf: Zp — > Zp is uniformly differentiable modulo p, 

and if \\fi{u)\\p > I, then a space Zp can be represented as a disjoint union of a 
finite number of open {and simultaneously closed) balls U, for which the following 
holds: if a,b e U, k > Ni{f) and a^b (mod p^), then f{a) ^ /(6) (mod p'^). 

Proof. Consider a union 

Zp= U (a+p^Zp), 

a=0 

where A'' = Ni{f). Each set U = a + p^Zp is an open (and at the same time 
closed) ball of radius p~^ (see [3]). Let u.v e U, and let v. Then u = m + ft, 
where ||/i||p = p~^ for a suitable positive integer rational K > N. The definition 
of differentiability modulo p implies that 

f{u + h) = f{u) + hf[{u) (modp^+1). (1) 

Thus, if f{u) = f{v) (modp^), then (1) implies that ||/{(w)||p = p-^ < 1. A 
contradiction. □ 

The proposition 3.4 implies that if the p-adic norm of a uniformly differentiable 
modulo p function is not less then 1 everywhere on Zp, then this function might 
'glue together modulo p*'' for sufficiently large k only points which lie in distinct 
balls from the statement of 3.4. From here it follows 
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3.5 Proposition. Let a function f: 1,p Ijp be uniformly differ entiahle modulo 
p on "Lp. Then f asymptotically preserves measure iff the following condition hold 
simultaneously: 

(1) ||/i(w)||p >1 at all points u e Zp/ 

(2) /(a) ^ fih) (modp") for all n,a,b G Nq such that \\a - b\\p > p-^^U) 
0<a,6<p"-l. □ 

A. A. Nechaev (private communication) noticed tliat tlie function f{x) — ^' 
on Z2 asymptotically preserves measure (this also follows from 3.5). Thus, if a 
compatible function g: Z2 Z2 asymptotically preserves measure (all these func- 
tions are characterized in 2.2), then a composition h{x) = g{f{x)) is uniformly 
differentiable modulo p = 2 and asymptotically measure-preserving function, and 
llfi(w)l|2 = 2 at all points u G Z2. There are no other functions f:Z p y Zjpj 
which are uniformly differentiable modulo p, asymptoticaly preserve measure, and 
which derivatives modulo p have norms not less then 1 everywhere on Zp, [10]. The 
proof of the latter statement involves not only p-adic tools, but algebraic geometry 
techniques as well. 

The latter notice illustrates the fact that the second condition of the criterion 3.5 
is rather difficult to verify since one has to calculate values of a function at infinite 
number of points. However, the problem might be simplified by imposing certain 
restrictions on the function under study. Namely, we will assume additionally that 
/ maps each ball of radius p~^ (with M > Ni{f)) into a ball of radius p~^ 
(consequently, / is asymptotically compatible). This restriction is equvalent to the 
property of derivative modulo p to be integer- valued everywhere on Zp. 

3.6 Proposition. If for some M > Ni{f) a uniformly differentiable modulo p 
function f maps each ball of radius p~^ into a ball of radius p~^ , then f[{a) G Zp 
for all a G Zp. Vice versa, each uniformly differentiable modulo p function, which 
has an integer-valued derivative modulo p everywhere on Zp, maps each ball of 
radius p~^ into a ball of radius p~^ for all M > Ni{f). 

Proof. If M > Ni{f) and \\h\\p < p~^ . then the definition of uniform differentia- 
bility modulo p'' (see 2.4 of [11]) impHes that 

f{u + h) = f{u) + hf[{u) (modp^+1) (1) 

for all u G Zp. On the other hand, the inclusion /(a + p^'Zp) C /(a) -|- p^'Zp 
implies that 

\\f{u+h)-f{u)\\p<p-^ (2) 

for all h with \\h\\p < p'^ . Comparing (1) and (2) wc sec that ||/{(u)||p < 1. The 
inverse statement is equivalent to the asymptotic compatibility of / (see 2.10 of 
[11]). □ 

Henceforth in the section we additionally assume that / and F have integer- 
valued derivatives modulo p. In particular, this implies that both / and F arc 
asymptotically compatible (see 2.10 and 2.11 of [11]). Now we state necessary 
and sufficient conditions the function F must satisfy to be measure-preserving, and 
sufficient conditions for equiprobability of F. 
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3.7 Theorem. Let a function F = (/i, . . . , 'Zp' — > Zp' be uniformly differ- 
entiable modulo p and let all its partial derivatives modulo p be integer-valued on 
"Lp. Then F is asymptotically equiprobable if it is equiprobable modulo p'' for some 
k > Ni{F) and the rank of its Jacobi matrix F{{u) modulo p is exactly m at all 
points u = (wi, . . . ,Un) e {Z/p''Y"K 

Proof For ^ G (Z/p'')^'") denote F-\^) = {76 : Fi-y) = ^ (mod p')}. 

Let s > k > Ni{F). Since F is asymptotically compatible, and hence F is a sum 
of a compatible function and a periodic function with period p-'^i(^) (sec 2.10 of 
[11]), we conclude that if ry e P^+iiO^ then f] £ F~^{£). Here, in accordance 
with our agreement in the introduction, a = {di, . . . ,dm) & {Z/p^Y"^^ stands for 
a mod p^ = {ai mod p-"^ , . . . , Om mod p^), where a = (ai, . . . , am) & (Z/p*+^)("*). 
Put A = 7? +p'a G (Z/p^+i)("), where a G (Z/p)("). In view of the uniform 
differentiability of the function F modulo p (see (^)), we have 

F{X)=F{jj)+p'aFi{fi) (modp"+i). (1) 

Since F{f]) = ^ + p''(3 (mod and ^ = ^ + for suitable /3,7 G (Z/p)("), 

then (1) impUcs that A G -F,+\(0 iff A G J^7^(^) (i.e., f] G -^7^(0) and a satisfies 
the following linear system over a field Z/p: 

f3 + aFi{f])=j. (2) 

Thus, if columns of the matrix F[(7f) are linearly independent over Z/p, then linear 
system (2) has exactly distinct solutions for arbitrary /3, 7 G {Z/p)'^™\ From 

here it follows that 

\F7U0\ = (3) 

Hence, if F is equiprobable modulo p^ (i.e., if |-Fs"^(OI does not depend on and 
a rank of a matrix F[{f]) is m, then (3) implies that F is equiprobable modulo 

3.8 Corollaries. 1° Under the assumptions of theorem 3.7 let m = 1. Then F 
if asymptotically equiprobable if F is equiprobable modulo p'' for some k > Ni{F), 
and differential diF modulo p of the function F vanishes at no point of (Z/p'^)^"^. 

2° Let f{xi, . . . , Xn) be a polynomial with integer p-adic coefficients and in vari- 
ables xi,. . . ,Xn- A polynomial f is equiprobable if it is equiprobable modulo p and 
all its partial derivatives vanishes simultaneously modulo p at no point of (Z/p)^"^ 
(i.e., are simultaneously congruent modulo p nowhere). 

Proof. The assertion 1° trivially follows from 3.7. In turn, 2° immediately follows 
from 1°, since for all / G Z[a;i, . . . ,a;„] holds Ni{f) < 1. We have only to prove 
the latter inequality. 
By Taylor formula, 

" df 

f{x-i + hi,... ,Xn + h„) = f{xi,... ,Xn) + '^hi— +Q (1) 

where Q G Z[xi, . . . ,Xn,hi, . . . , /i„] , and each monomial in a canonic representation 
of the polynomial Q is of degree not less then 2 with respect to variables hi,. . . , /i„. 
Since ||(/ii, . . . , hn)\\p = p~^, where s > 1, for all values of ... , a;„ we have Q = 
(mod p^*). In view of (1) this proves the inequality. □ 

For m = n the above stated sufficient conditions of asymptotical equiprobability 
occur to be necessary as well. 
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3.9 Theorem. Uniformly differentiable modulo p function 



F = (/i,... ,/„):Z(") ^Z(") 

with integer-valued derivatives modulo p, asymptotically preserves measure if and 
only if it is bijective modulo p^i(^) and its Jacobian modulo p vanishes at no point 
of (Z/p^^^^^)^"'^ (equivalent condition: iff F is bijective modulo p^^^^^~^^) . 

Proof. If F is bijective modulo p^i^^) and its Jacobian modulo p vanishes nowhere, 
then in view of 3.7 F is asymptotically equiprobable, hence, asymptotically pre- 
serves measure, since m = n. 

Vise versa, let F asymptotically preserves measure, i.e., let F be bijective mod- 
ulo p'^ for all k > N, where N is some positive integer rational. Now take 
k > makX.{N, Ni{F)}, then the definition of uniform differentiability modulo p im- 
plies that 

F{u + p^a) = F{u) + p^aF[{ii) (mod (1) 

for all M, a G Zp. Hero F[{u) is an n x n matrix over a field Z/p. If det Fl(u) = 

(mod p) for some u G Zp""* (or, the same, for some u G {0, 1, . . . ,p^'^^^^ — Ij^"^ 
in view of the periodicity of partial derivatives modulo p), then there exists a G 
{0,1,... ,p-l}("\a^ (0,... ,0) (mod p), such that aF{(M) = (0,... ,0) (modp). 
But then (1) implies that F{u -\- p^a) = F{u) (mod p^^^). The latter contradicts 
the bijectivity modulo of the function F, since for u G {0, 1, . . . ,p^i*^^) — 1}*^"^ 
we have u,u + p^a G {0, 1, . . . ,p'^^^ — l}*-"-* and u + p^a ^ u. 

Now we prove the criterion in the equivalent form. Let F be bijective modulo 
pNi{F)_ Then assuming k = Ni[F) in the above argument, we conclude that 
detF{(M) ^ (mod p) for all u e Zp"\ According to 3.7, this implies that F 
asymtotically preserves measure. 

Let F asymptotically preserves measure, and let it be not bijective modulo p*^ 
for some k > Ni{F). We prove that in this case F is not bijective modulo p'^+^. 

Choose u,v G {0,1,... ,p'^ - 1}^") such that u ^ v F{u) = F{v) (modp''). 
Then either F{u) = F{v) (modp'^"'"^) (i.e., F is not bijective modulo p'^"'"^), or 
F{u) ^ F{v) (mod p'^+-'^). Yet in the latter case we have F{u) = F{v) + p^a 
(mod p'^+^) for some a G {0, 1, . . . ,p - 1}("), a # (0, ... ,0) (mod p). Consider 
ui = u -I- p*^/3, where /? G {0, 1, . . . ,p - 1}(") with /3 ^ (0, . . . , 0) (mod p) and 
j3F[{u) + a = (0, . . . , 0) (mod p). Such (3 exists, since F asymptotically preserves 
measure and, consequently, AetF[{u) ^ (mod p), as it have been proven already. 
Now the definition of uniform differentiability modulo p implies that 

F{u+p''P) = F{u)+p''(3F[{u) = F{v)+p''a+p''(3F[{u) = F{v) (mod p'^+i), (2) 

where u + p^[3 G {0, 1, . . . ,p'^^'^ — l}^"-* and u + p^a ^ v (since u =/= v). Thus (2) 
in combination with our assumption imply that F is not bijective modulo p*^"*"^. 
Applying this argument sufficient number of times, we conclude that F is not 
bijective modulo p* for all s > k. But at the same time F asymptotically preserves 

measure. A contradiction. □ 

3.10 Corollaries. 1° If n = 1 within assumptions of the theorem 3.9, then F 
asymptotically preserves measure iff it is bijective modulo p-'^i(^) and its derivative 
modulo p vanishes at no point of {0, 1, . . . ,p^^^^^ — 1}. 
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2° (cf. [8, Ch. 4, sections 4-5]) Let F = {fi,... ,fm)-K ^ 4 , where 
fi{xi, . . . , Xn) S Zp[xi, . . . , Xn], i = 1,2,... ,71. Then F preserves measure iff F 
is bijective modulo p and det F'{u) ^ (mod p) for all u G {0, 1, ... ,p — Ij^"^ 
{equivalent statement: iff F is bijective modulo p'^). 

3° Let A = {Zp-, n) be a universal algebra of finite signature fi, and let all opera- 
tions of Cl are uniformly differentiable modulo p and have integer-valued derivatives 
modulo p. Then a polynomial over A defines an asymptotically measure-preserving 
function iff it is bijective modulo p^^^\ where k{A) = max{A^i(a;) : w S $7} + 1. 

Proof. Assertion 1° trivially follows from 3.9. Assertion 2° holds in view of 3.9, 
since Ni{F) < 1 (see proof of the corollary 3.8). A compositin FoG oi functions F 
and G, which are both uniformly differentiable modulo p and have integer-valued 
derivatives modulo p, is uniformly differentiable modulo p function, which has an 
integer- valued derivative modulo p, and Ni{F o G) < ma,x{Ni{F), Ni{G)}. The 
latter proves assertion 3°. □ 

Comparing statements 3.7 and 3.9 one may ask a natural question whether suf- 
ficient conditions of 3.7 are necessary. The answer is negative: the results of [9] 
make it possible to construct the following counterexample. 

Consider a fimction f{x,y) = 2x -\- y^ on Z2. As / is a polynomial over Z, then 
it is uniformly differentiable, has integer-valued derivatives, and df = 2dx -\- 3y'^dy. 
So, df = (mod 2) if y = (mod 2). Nevertheless, / induces an equiprobable 
function (Z/2")(2) ^ Z/2" for every n = 1, 2, . . . . Here is a proof. 

For 71. = 1 we have that f{x, y) = y (mod 2) is an an equiprobable function on 
Z/2. Let n > 1. We will show that for every z £ Z/2" there exist exactly 2" pairs 
(x, y), such that f{x, y) = z (mod 2") and {x, y) G {0, 1, . . . , 2" - 1}(2). 

In fact, a z = 1 -\- 2r for some r G {0,1,..., 2"'~^ — 1}, then it follows that 
y = 1 2fc for some A; G {0, 1, ... , 2"-^ - 1}. So 2x + (1 + 2kf = l + 2r (mod 2") 
implies x -\- 3k -\- 6fc^ -|- 4fc^ = r (mod 2""^). The left hand part of the latter 
congruence is a polynomial (t>{x, k) in x, k. It is equiprobable in view of 3.8, 2°, since 
d(j) = dx-\- dk (mod 2) (and hence this differential vanishes modulo 2 nowhere) and 
(j) = X + k (mod 2) is obviously an equiprobable modulo 2 function. This implies 
that the congruence (f)(x,k) = r (mod 2""-*^) in unknowns x,k has exactly 2""-*^ 
solutions in {0,1,... ,2"-^ - 1}(2). 

If .2 = 2r for some r G {0, 1, . . . ,2"~^ — 1}, then it follows that y = 2k for 
some fc G {0,1,... , 2"~^ — 1}; consequently, the congruence f{x, y) = z (mod 2") 
implies the congruence x -\- 4fc'^ = r (mod 2"~^). Again the function ip(x,k) in 
the left hand part of the latter congruence is equiprobable in view of 3.8, 2°, since 
dijj = dx (mod 2) vanishes modulo 2 at no point of (Z/2)(^) and i}j = x (mod 2) is 
equiprobable modulo 2. From here, using an argument similar to one of the previous 
case, we conclude that the congruence f{x, y) = 2r (mod 2") in unknowns x, y has 
exactly 2" solutions in {0, 1, . . . , 2" — 1}'^). Thus, / is equiprobable. 

Now we are to begin a study of asymptotically ergodic functions in the class of all 
uniformly differentiable modulo p functions, which have integer-valued derivatives 
modulo p. It turnes out that these functions could be in one variable only. To be 
more exact, the following theorem is true. 

3.11 Theorem. Let a function F = (/i,... ,/„):Zp"^ Zp"'' be uniformly 
differentiable modulo p and asymptotically ergodic, and let it have integer-valued 
derivatives modulo p. Then n = 1. 
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We will need two lemmata. 

3.12 Lemma. Let a function /:Zp"'' "Lp he uniformly differeniiable m,odulo 
p, let it have integer-valued derivatives modulo p, and let it vanish m,odulo (i.e., 
let it be congruent modulo p^) for some k > Ni{f) at all points o/Zp"\ Then 
each partial derivative modulo p of the function f vanishes modulo p at all points 

ofz^rK 

Proof of the lemma 3.12. Each fmiction gi{xf),xi, . . . , Xn) = Xi + Xof{xi, . . . , Xn) 
for arbitrary values of xo,xi, . . . , Xi-i,Xi+i, . . . , is a bijective modulo func- 
tion in variable Xi, {i = 1,2, . . . ,n). As k > Ni{gi) = Ni{f), then according to 3.9, 
Qi asymptotically preserves measure, and thus its derivative modulo p vanishes at 
no point of Zp. Moreover, the following is true: 

d d 

gi{uo,. . . ,Un) = 1 + uo ■ ^ — /(ui, . . . (modp) (1) 



OiXi 0\X 

for all uq,... ,Un £ Zp. If 



diXi 



f{ui,... ,Un) = dj^O (modp) 



for some ui, . . . ,Un € Zp, then choosing uq such that u^d = — 1 (mod p) we get a 
contradiction to (1). This proves the lemma. □ 

3.13 Lemma. Let a function H: l}^^ — »• Zp"' he uniformly differentiahle modulo p, 

and let it have integer-valued derivatives modulo p. If H is hijective modulo p^ and 
if H induces a trivial permutation modulo (i.e., an identity transformation of 
(Z/p'=-i)(")) for some k > Ni{H) + l, then H induces modulop^ (i.e., on (Z//)(")) 
either a trivial permutation, or a permutation of order p. 

Proof of the lemma 3.13. Let G be an arbitrary function which satisfies assumptions 
of the lemma, and let Ni{G) = Ni(H). Represent both H and G in the following 
form: 

H{xi, ... ,Xn) = {Xl, ... ,Xn) -\-U{xi, . . . ,Xn); 
G{Xi,... ,Xn) = {Xl,... ,Xn) + V{xi,... ,X„). 

Then both U and V are uniformly differentiahle modulo p, have integer-valued 
derivatives modulo p, and Ni{U) = Ni{V) = Ni{H). Moreover, both U and V 
vanish modulo p^~^ on Zp"\ for fc — 1 > Ni{H). Then lemma 3.12 implies that 
U[ = y/ = at all points of Z^"\ As \\U\\p < p-''+^ and ||y||p < p-'^+i everywhere 
on Zp""-*, then, implying 2.4, for all ft-i, . . . ,h„ £ Zp we obtain, consequently, that 

H{G{hl,... ,hn))=H{{hl,... ,hn)+V{hi,... ,hn)) 

= H{hi,... ,hn)+V{hi,... ,h,,)H[{hi,... ,hn) 
= H{hl,... ,hn)+V{hl,... ,hn)+V{hl,... ,hn)U[{hl,... ,hn) 

= {hi, ... ,hn) + U{hi, ... ,hn) + V{hi, ... ,hn) (mod p''). 
This implies, in particular, that for all s S N the following congruence holds: 
H'{hu... ,hn) = H(^^{hi,... ,hn)...) 

s times 

= (ft.1,... ,hn) + sU{hi,... ,hn) (modp''). 
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As U vanishes modulo p^~^ everywhere, then the latter congruence implies that 
HP{hi, . . . , hn) = {hi, . . . , hn) (mod p'^) for all hi,. . . ,hn £ Z^. This proves the 
lemma. □ 

Proof of the theorem 3.11. Choose k > Ni{F) + 1 such that F is transitive modulo 
for all n > fc — 1. The function F induces a permutation on (Z/p*^)'^"^ which is 

(k~-l)rL 

denoted as ak{F). Consider a permutation a = ak{F)P . As F is transitive 
modulo p'^, the order of a is (and hence a is not trivial). 

On the other hand, a = crfc(F*'"° ^'''). But F^""" is bijective modulo p'' 
and induces a trivial permutation modulo p''~^ (the latter assertion follows from 
transitivity of F modulo p^~^). Since a is not trivial, in view of 3.13 the order 
of (T must be p. Yet, according to the previous argument, the order of a is p", so 
necessarily n = 1. □ 

It is still an open problem to characterize asymptotically ergodic functions in the 
class of all uniformly differentiable modulo p functions which have integer-valued 
derivatives modulo p, but if we additionally assume that the function is uniformly 
differentiable modulo p^ and has integer- valued derivative modulo , the following 
description can be obtained. The method we prove the next theorem is in fact 
a generalization to p-adic case of the idea originally applied by M. V. Larin to 
description of transitive modulo n polynomials over Z, [15]. 

3.14 Theorem. Let a function f'.lip — > Zp be uniformly differentiable modulo p^ 
and let it have integer-valued derivative modulo p^ . Then f is asymptotically ergodic 
if and only if it is transitive modulo p^^^^^~^^ for odd prime p or, respectively, modulo 
2iV2(/)+2 p = 2. 

We need the following 

3.15 Lemma. Let a function f'.Zp — > Zp be uniformly differentiable modulo p, 
and let it have integer-valued derivative modulo p. If f is transitive modulo p^ for 
some k > Ni{f), then f induces on Ijjp^^^ a permutation, which is either a single 
cycle of length p^'^^ , or a product of p pairwise disjoint cycles of length p'' each. 

Proof of the lemma 3.15. For i = 0, 1, 2, . . . we denote via Xi = Si{x) e {0, 1, . . . ,p— 
1} a value of -ith digit in canonic representation of p-adic integer a; £ Zp. Now the 
definition of uniform differentiability modulo p implies that for an arbitrary x E Zp 
and s > Ni{f) = N there holds a congruence f{xo-\-Xip-\-- ■ ■-\-Xs-ip'''^ +XsP'^) = 

f{xo-\-xip-i \-Xs-ip''~^)-\-XsP''fi{xo-\-xip-\ hXs-ip"'^) (modp''+^). The 

latter implies that 

5s{fix)) = ^sixo,.--,Xs-i)-i-Xsf[{x) (modp), (1) 

where Xi = di{x) € {0,1, . . . ,p — 1} is the i-th p-adic digit of a; G Zp, (i = 

0, 1, 2, . . . ); ^s{xo, ■■■ , Xa-l) = Ss{f{xo -\-xip-\ h Xs-ip"^^)). 

Since partial derivative f{{x) modulo p is periodic with period p^, it depends 
only on xq, ■ . ■ ,Xn-i, so (1) can be represented in the form 

5s{f{x)) = ^s{xo,... ,Xs-i) + Xs'b{xo,... ,xn-i) (modp), (2) 

where ^{xq, . . . ,Xn-i) = fi{x). Applying for the composition of functions 'rules 
of differentiation modulo p*^' which were mentioned at the beginning of the section, 
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we conclude that for all r = 1, 2, . . . the following congruence holds: 



(r(^))'i = n/{(/nx)) (modp). (3) 
We recall that f^{x) = f{...f{x)...),f^{x) = x. As / is asymptotically com- 

r times 

patible, then transitivity of / modulo for some k > N implies transitivity of / 
modulo p" for all fc > n > iV (see [11], theorems 2.10 and 1.4). Yet /{ depends 
only on xo,. . . ,Xn-i, and / is transitive modulo p'^ , so (3) implies that 

if" {x))[ =( n • • • ' "^-i)) (mod p). (4) 

We denote the product in the brackets in the right hand part of (4) as H. Now, 
since (x) is uniformly differentiable modulo p and has integer-valued derivative 
modulo p, in view of (2) and (4) we conclude that 

ji n — N 

6n{F (x)) = <j)n{xn, ■ ■ ■ ,Xn-i) + XnliP (modp), (5) 

where (j)n{xo, . . . , Xn-i) = Sn{f^ {xo+xip+- • ■+Xn-ip"^^))- Since / is a transitive 
modulo function for k > n > N, the function , on the one hand, induces 
a trivial permutation modulo p", and on the other hand, induces on each coset 
a + p"(Z/j3"+^) of the ring Z/j3"+^ a permutation, which is a cycle of length p. 
This, in particular, means that the function in the right hand part of (5), being 
considered as a function in variable .t„, must be a permutation, moreover - a cycle 
of length p on {0, 1, . . . ,p — 1}. It is well known, however, that a polynomial 
c + dy e Z[y] is transitive modulo p iff d = 1 (mod p) and c ^ (mod p) (see e.g. 
[2, Ch. 3, Theorem A]). This implies, in particular, that 11^' =1 (mod p), and 
hence n = 1 (mod p) . Finally we obtain that 

fP''{x) = fP\xo + XiP+--- + Xkp'') 

= xo+xip-\ h Xk-ip''~^ + P^{(i)k{xQ, ... , Xk-i) + Xk) (mod p''+^). (6) 

The latter congruence implies that / induces a permutation a modulo p^'^^ . 
Moreover, we assert that if 

(t>k{xo,... ,Xk-i)^Q (modp) 

for some (equivalently, all) Xq, . . . , x^-i 6 {0, 1, . . . ,p — 1}, then / is transitive 
modulo p^^^; otherwise the permutation a is a product of exactly p disjoint cycles 
of length p'^ each. 

To prove this assertion, consider some wo, • • • , Ufe G {0, 1, . . . ,p — 1} and denote 
C a cycle of the permutation a which contains the point uq-\-uip+ ■ ■ ■-\-Uk-ip^~^ + 
Xkp'^ € As / is transitive modulo p'^ then (see (6)) p'^ is a factor of |C|, 

the length of the cycle C. If (j)k{uo, . . . , Uk-i) ^ (mod p), then (6) implies that 

fP" {U0+Uip + --- + + Xkp'') 

^uo + uip+--- + Ufc-i/"^ + Xkp'' (mod /+^), (7) 
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i.e., that |C| > p''. On the other hand, (6) impHes that |C| is a factor of p'^'^^. 
Finally we conclude that in this case |C| = p*^"*"^, i.e., / is transitive modulo p*^"*"^. 

If (pk{uo, ■ ■ ■ , Wfe-i) = (mod p) holds for some mq, . . . ,Uk S {0, 1, . . . ,p — 1}, 
then this congruence holds for all uq, . . . , Ufe G {0, 1, . . . ,p — 1} (otherwise in view 
of the previous case / is transitive modulo p*^"*"^ and (7) holds for all uq,. . . ,Uk G 
{0, 1, . . . ,p — 1} and the latter in view of (6) means that (pkiuo, ■ ■ ■ ,Uk-i) ^ 

k 

(mod p) , a contradiction) . Then (6) implies that is an identity permutation, 

i.e. \C\ ~ p'^, as p*^ is a factor of |C|. This proves the lemma. □ 

Proof of the theorem 3.14- During the proof of the previous lemma we have estab- 
lished that if / is transitive modulo p'^ for some k > Ni{f), then / is transitive 
modulo p" for all fc > n > Ni{f). So the 'only if part of the theorem is proved, as 

iV2(/) + l>iVi(/). 

Now we have to prove that if n > N2{f) + 1 (resp., if n > A^2(/) + 2 for p = 2) 

and if / is transitive modulo p", then it is transitive modulo p"^^. In view of lemma 
3.15 it is sufficient to prove that for some x € Zp the following condition holds: 

/f"(x)^x (modp"+i). (1) 

As transitivity modulo p" implies transitivity modulo p"~^, in view of lemma 
3.15 we have 

fP'"\x)=x+p^-'ax), (2) 

where ^: Zp Zp and (_{x) ^ (mod p) for all x <E Zp (otherwise 3.15 implies that 
/ is not transitive modulo p", a contradiction to the assumption). 

Further, since / is uniformly differentiable modulo p^ and has integer-valued 

derivative modulo p^, then for all r = 1,2, . . . a composition /'" is uniformly dif- 
ferentiable modulo p^ and has integer- valued derivative modulo p^, and (/'^(a;))2 = 

r-l 

n f2i.P(x)) (mod p2) (see (3) of 3.15). Now, as n - 1 > A^2(/), then taking 

into account these considerations and an obvious (following from (2)) equality 
(x) = (a;-l-p"^^^(x)), where s = 1, 2, . . . , we successively calculate 

(p-i)?"-'-! 

fp''{x)^f^p-'^^"-\x)+p^-'^{x) TT mH^)) 

(p-i)p""'-i \ 

f(p-^)p"-\x)+p--'ax){ n /2(/'w)+ n f2{fi^))] 

j=0 J 

^...^x+p--^i{x)\\^Y. n /2(/'(^))) (niodp"+^). (3) 

Yet f'2 is a periodic function with period p-'^^C/) ^-^^ j jg transitive modulo p"~^, 
so we conclude that for arbitrary i, j £ N the following congruence holds: 

/^(/^■(x))^/^(/^+^f""\x)) (modp2). 

In view of the transitivity of / modulo p"~^ the latter congruence implies that 

(p-i)p"-i-i 

n r2{^P{x))^a{:xY-^ (modp2), 
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where 

«(^)= n /2(/''(^))- 

j=0 

In view of (3) we now conclude that 

= a;+p"-i^(x)fl + ^a(a;)A (mod (4) 



Again, as /2 modulo is periodic with period p-'^^C/) a^jj,^ j jg transitive modulo 
for n — 1 > A^2(/), then a(a;) modulo does not depend on x. Moreover, we 
assert that a{x) = 1 (mod p). 

In fact, during the proof of 3.15 we have already established that if k > Ni{f) 
and if / is a transitive modulo p*^ and uniformly differentiable modulo p function 
with integer-valued derivative modulo p, then 



n f[{f{x)) = l (modp) (5) 

for all X & Zp (see the proof of (6) in 3.15). The definition of a derivative modulo 
implies that f2{x) = fi{x) (mod p); consequently, 

a{x) = l+pp (mod /) (6) 

for some /3 S Nq. In view of (5) and (6), now (4) implies that 



fP"ix)=x+p"'^^{x)\^p + p(3j2ij (modp"+i), (7) 

and for p ^ 2 we conclude that 

fP" {x)=x+ p^'Cix) (mod p"+i). 

In view of 3.15 the latter proves the theorem for p 2, since ^(a;) ^ (mod p) (see 
the text which follows (2)). 

For the case p — 2, the congruence (7) implies that 

f"{x)=x + 2"{l+f3) (mod2"+i) (8) 

and to finish the proof it is sufiicient to show that (3 is even. 

For n > A^2(/) + 2 the transitivity of / modulo 2" implies that / is transitive 
modulo 2-'^^^^')^'^, so in view of the definition of a derivative modulo p^ we have 
that 

2"-l 

f"{x + 2^0 = f'^x) + 2^e n /2(/'(^)) (mod 2^+2) (9) 

3=0 
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for N = N2{f), ^ G Z2. As / is transitive modulo 2^+^, then for arbitrary x G 
{0, 1, . . . ,2^ — 1} and with ^ running over {0, 1, 2, 3} the mapping 

is a cycle of length 4 on Z/4. In view of (6), 

H /^(/^(x)) = 1 + 2/3 (mod 4); 

so (9) implies that 

cj,,{^)=c{x)+ ^{1 + 2/3) (mod 4), (10) 

where c{x) = 5N{f'^'^ (x)) + 2^jv+i(/^"(a;)). But for each x the mapping (j)^ is 
transitive modulo 4, so (10) in view of the above mentioned transitivity criterion 
for polynomials of degree 1 (see [2 , Ch. 3, Theorem A]) implies that /? = 
(mod 2). □ 

Note. The analog of the theorem 3.14 generally does not hold for a function which is 
imiformly differentiable modulo p. Namely, for each n G N there exists a uniformly 
differentiable modulo 2 and compatible function /: Z2 ^ Z2 with /{ = 1 everywhere 
on Z2, Ni{f) = 1, which is transitive modulo 2*^ for A; = 1, 2, ... , n, but which is 
not transitive modulo 2* for all k > n. (By argument similar to applied below one 
can construct a counterexample for p ^ 2 as well.) 

Represent a; G Z2 in its canonic form a; = a;o+a;i •2 + a;2 -2^ + . . . , xq,xi,X2 ■ ■ ■ G 
{0, 1}. Consider a function 

00 

/(^) = ^(t>i{xo,--- ,Xi)-2\ 

i=0 

where each 4>i{xo, . . . ,Xi) is & Boolean polynomial, which is linear with respect to 
variable Xi. In other words, cpi{xo, ... ,Xi) = tpi{xo, . . . ,Xi_i) + Xi in the factor- 
ring Z/2[xo, . . . , Xi]/ (xq - xo, . . . ,xf - Xt) of the ring Z/2[xo, . . . , x^] of all poly- 
nomials in variables a;o,... ,Xi over Z/2 with respect to the ideal, generated by 
Xq — xo,--- ,x1 — Xi (we assume V'o = !)• It is not difficult to see that this function 
/ is compatible (see 3.9 of [11]). Direct calculations show that for arbitrary s G N 
and /i G Z2 there holds a congruence /(a; + 2*/i) = f{x) + 2^h (mod 2*+^), i.e., that 
the function / is uniformly differentiable modulo 2, and /{ = 1 everywhere on Z2, 
with Ni{f) = 1. 

Further, in the theory of Boolean functions there are well known sufficient and 
necessary conditions for transitivity modulo 2" of the function / of the considerd 
kind: namely, it is transitive modulo 2" iff (j}i{xo, . . . , Xi) = ipi{xQ, . . . , Xi^i) + Xi 
for i = l,2,...,n— 1, where each Boolean polynomial ipiixo, ■ ■ • , Xi-i) for i = 
1,2,... , n — 1 is of odd weight (that is, the number of all Boolean vectors, satisfying 
it, is odd) and iJjq = 1. (This result, which is known as transitivity modulo 2" 
criterion for triangle transformations, belongs to mathematical folklore, so it is 
difficult to refer the originating paper, yet a proof can be found in, e.g., [11], see 
4.8 there). 
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Now choosing for a given n G N a function / so that i/'o = Ij with Boolean poly- 
nomials tpii^Oj • • • ) Xi-i) of odd weight for i = 1, 2, . . . , n — 1, and with Boolean 
polynomial tpn{xo, ■ ■ ■ , of even weight, we obtain a function, which is transi- 

tive modulo 2*^ for fc = 1, 2, . . . , n, but which is not transitive modulo 2"+^^. Then 
it is not transitive each modulo 2*^ with k > n, since, in view of compatibility of /, 
transitivity of / modulo 2*^+^ implies its transitivity modulo 2^^. 

3.16 Corollary. Let A = (Zp; il) be a universal algebra of finite signature fl, 
and let all operations of be uniformly differentiable modulo functions with 
integer-valued derivatives m,od,ulo p^ . Then there exists a positive rational integer 
k{A) such that a polynomial f{x) G A[x] is asymptotically ergodic if and only if it 
is transitive modulo p'^(^) . 

Proof. The proof of this corollary is similar to one of 3.10, 3° and so is omitted. 
We can take k{A) = max{A^2(i^) : w G fi} + e, where e = 1 if p is odd, otherwise 
e = 2. □ 

4. Hensel lift starting points. 

The results of previous section show that for a class Vi (respectively, V2) of all 
uniformly differentiable modulo p (respectively, modulo p^) functions, which have 
integer-valued derivatives modulo p (respectively, modulo p"^), there exists a func- 
tion C'.'Di ^ N (respectively, rj: D2 ^ N), such that a function / G "Di (respectively, 
/ G 'D2) is asymptotically measure-preserving (or is ergodic) iff it is bijective (re- 
spectively, transitive) modulo pf^-''^ (respectively, modulo p''^-''^). Theorems 3.9 and 
3.14 give corresponding estimates for Cif) ^.nd rj{f). 

These estimates are sharp, i.e., there exist a compatible function / G Pi (re- 
spectively, f &V2) such that / is bijective (respectively, transitive) modulo 
(respspectively, modulo p^^C/) fQj. p ^ 2, or modulo 2^^(-'')+-'^ for p = 2), but / 
is not measure-preserving (respectively, is not ergodic). For instance, a polyno- 
mial f{x) = 1 -|- a;^ is bijective modulo p, Ni{f) = 1, but in force of 3.10, 1° the 
polynomial / is not bijective modulo p^, since /'(z) = (mod p) for all z G Zp. 

A corresponding example for theorem 3.14 in case p ^ 2 gives a function f(x) = 
(a; -|- 1 ) ©p 1 , where ©p is digitwise multiplication modulo p of p-adic integers: 5i {x 0p 
y) = 5i{x)5i{y) (mod p) for all i G Nq. The function / is uniformly differentiable, 
its derivative is everywhere on Zp, and A^2(/) = 1; at the same time / is transitive 
modulo p, but it is not even bijective (hence, is not transitive) modulo p^. 

Nevertheless, boundaries for C(/) ^nd ?](/), which give, respectively, theorems 
3.9 and 3.14, might differ significantly from the ones for various proper subclasses of 
I>i and of T>2. For instance, for a function f{x) = {ax + b) XORc, with a,b,cG N, 
theorem 3.14 states that f{x) is asymptotically ergodic iff it is transitive modulo 
2Liog2 since this function is uniformly differentiable and has a derivative which 
is a everywhere on Z2, and A^2(/) = [1082^]- Yet direct application of the above 
mentioned criteria of transitivity modulo 2" for triangle transformations and for 
polynomials of degree 1 over Z immediately implies that / is ergodic iff it is transi- 
tive modulo 4. So the problem of sharpening estimates of C(/) and r]{f) for various 
important from a certain view classes, which are narrower then Vi and V2, could 
be of interest. 

In this section we study a class A of all compatible functions /: Zp Zp such 
that, loosely speaking, coefficients of their interpolation series tends to as fast as 
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p 

i\, or faster (recall that lim z! = 0). More accurate, a function /, represented by 

i—^oo 

interpolation series (0) (see section 2) with p-adic integer coefScients Ui, belongs 
to A iff it is compatible, and a sequence {H-ffllp • * = 0, 1, 2, ... } is bounded, i.e., 
Ilff lip ^ for some p{f) G Nq. Recall that according to the theorem 2.1, a 

function / represented by is compatible iff ||aj||p < p~Liogp»J for all i e N. 

Class A is rather wide: it contains all intcgcr-vahicd compatible analytic on Zp 
functions, in particular, compatible functions which could be defined by integer- 
valued polynomials over Qp. It is known (see [3, Ch. 4, Theorem 4, p. 224]), that 

p 

a function / of the form (0) is analytic on Zp iff lim ^ = 0. 

j— >oo 

So for the rest of this section we assume that f € A. Put 

A(/) = minjfc G N : 2^^ ~k> p(/)|. 
The following theorem is true. 

4.1 Theorem. Let f & A and p is an odd prime. The function f is ergodic if 
and only if it is transitive modulo (ifp ^ 3) or modulo 3^^-^^+^ {if p = 3). 

Since / is compatible, then in view of 2.1 it can be represented in the following 
form: 

f{x)=bo + Y,hpl'°^^^\ Q, 

where bj G Zp for j = 0, 1, 2, . . . . Everywhere during the proof we assume that / is 
represented in this form. Further A(/) is denoted as A and p is assumed to be an 
odd prime. We will need some additional technical results. 

4.2 Lemma. Under the assumptions of theorem 4-1 the following is true: 

bi = (mod p), for i > 2p^; 
bi = (mod p^), for i > 3p^. 



Proof of the lemma 4-2. Ubi = 0, then the assertion of the lemma is trivial. Suppose 
that 6i 7^ 0. Represent / as 



oc ^ 

/(x) = 6o + ^TyML'°^'''J(a 



i=l 



where, we recall, {x)i = x{x — 1) • • • (a; — i + 1) (with (a;)o = 1) is ith descending 
factorial power of x. As / G A, i.e., 



then 



ordp bi > ordp i\ - [logp i\ - p{f), 
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(1) 



for all i = 1,2, We recall that log^ ||a||p = — ordpfl, for a € Zp. Thus, the 

maximal p-prime factor of a is exactly p°'^'^p ° . 

In fact, the function K{i) = ordp i\ — [log^ i\ is nondecreasing. To prove this, note 
that, obviously, ordpi! > ordp (i — 1)!. If [logpij = [logp(i — 1)J then K{i — 1) < 

K{i). 

Assume [logp jj > [logp(j — 1)J for some positive rational integer j. Evidently, 
[logp jj + 1 is the number of significant digits in the p-base expansion of j. Hence 

the case under consideration takes place exactly if and only if j — 1 = (p — 1) + 
(p - l)p + • ■ • + (p - l)p" = p"+^ - 1 for some n G No- But then ordp j! = 
ordp (i - 1)! + n, [logp(j - 1)J = n, [logp jJ = n + 1, and so > K{j - 1). 

Now it is sufficient to prove only that K(2p'^) — p{f) > 1 and k(3p^) — p{f) > 2. 
We recall that ordp il ~ ^^{i~wtp i), where wtp i is the sum of all digits in ap-base 
expansion of i (i.e., if i = io + iip + ■ — h isp", where iq, . • . ,is £ {0, 1, . ■ . ,p — 1}, 
then wtp i ~ io + ■ ■ ■ + is, see e.g., [6 , ch.l, section 2, exercise 13]). 

As p 7^ 2, then K(2p^) - p(f) = ^(2p^ - 2) - A - p{f) > 1 according to the 
definition of A = A(/). Hence, if p 7^ 3, then 

«(3p^) - p{f) = ^(3p^ - 3) - A - p{f) = K{2p^) + J—{p^-l)- p{f) > 2. 
p — 1 P — 1 

So if p ^ 3 the lemma is proved. 
Finally, let p = 3. Then 

«(3p') - P{f) = «(3^+^) - p{f) = ^(3^+1 - 1) - A - 1 - p{f) > 2, 
otherwise in view of the inequality 

3^ - 1 - A > p{f), 
(which follows directly from the definition of A = A(/)) we get 

l(3A+i _i)_A-i-3^ + l + A<l, 

i.e., 3"^ — 1 < 2, and so A < 1, a contradiction. The lemma 4.2 is proved. □ 

4.3 Corollary. Under assumptions of theorem 4-2, for i G N the following is 
tvuc ' 

A7(x) _ f (mod p2), ifi>2p^ + l; 
i ~\o(modp), ifi>p'^ + l. 

Proof of the corollary 4.3. As (f) = ( .^^.) Hi > j and (^) = if i < j, then 

A' fix) _ ly^^ JloS„.7j-ord„,Y X ^ 



where i = ip °'''^p^ g Zp,ordp? = 0. Now the result is obvious in view of lemma 
4.2. □ 
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4.4 Proposition. Under assumptions of theorem 4-1 the function f is uniformly 
dijferentiable modulo , has integer-valued derivative modulo p^ , N2{f) < A(/) + l. 
Moreover, 

/^(a=)-i:(-ir^^ (mod/). 

Proof of the proposition 4-4- To prove the first assertion of tiie proposition we will 
demonstrate that there exists a function /j:^^ — > Zp such that for all x,h € Zp 
and m > A(/) + 1 the following congruence holds: 

f{x+p"'h) = fix) + p'^hf^ix) (mod (1) 

In view of the compatibility of /, it is sufficient to prove the congruence (1) only 
for h e {1,2, .. . ,p'^ — 1} (for h = the congruence is trivial). Applying Newton 
formula 



f{x + n)=J2[f)^'f{^) 



i=0 

for n = p^h, we have 

f{x+p"'h) = f{x)+p"'h^m{x,h), (2) 

where 

i=i ^ ^ 
Hence in view of 4.3 for m > A + 1 we obtain: 

2p^ 



f l^ ^ fP""h - l\ A' fix) , , . 



)• (4) 



Further, for i = 1, 2, . . . , 2p^ the following obviuos equalities hold: 



Here j = jp is the unit of Zp, i.e., j has multiplicative inverse 4 in Zp; hence, 

each factor of the product in the right hand part of (5) is p-adic integer. 
\ii<p^ then m — ordp j > 2 for all j = 1, 2, . . . , i — 1; so (5) implies that 

= (-1)-^ (mod/). (6) 

If p'^ + 1 < i < 2p^ and j G {1, 2, . . . , i — 1} then m — ordp j = 1 only in the case 
when simultaneously j = p^ and m = A + 1 hold; otherwise m — ordp j > 2. Yet if 
m — ordp j = 1 then 

^^^0 (modp) 
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(see 4.3); hence in both cases we have that 

(mod/). 

So in view of (5) we conclude that 

/,";.-AA7M,(_i).-.^ (mod/). 
\ I — I J I I 

for alH = 1, 2, . . . , 2p^. Now (4), (6), (7) together imply that 



(7) 



2p^ 



(mod/) 



1=1 



and in view of (2), (3), (4) this completes the proof of proposition 4.4. □ 

4.5. Lemma. Under assumptions of theorem 4-1, there exists a function d:TL^ 
Zp such that for arbitrary x,h €.Zp the following congruence holds: 

f{x + /ft) = f{x) + p^hf'^ix) + p^+^h'^e{x) (mod /+2). 

The function 6 satisfies the following condition: for arbitrary a,b £ lip the congru- 
ence a = b (mod /) implies 0{a) = 6(b) (mod p). Moreover, one may put 



Proof of the lemma 4.5. Firstly we prove that the function 9 defined by the latter 
equality is integer- valued on Zp. Since / is compatible, each fraction ^ for 
s = 1,2,3,..., is p-adic integer (see 3.1 of [11]). So it is sufficient to prove only 
that for all fc G {1, 2, . . . ,p — 1} both functions a{x) and f3k{x) (defined below) are 
integer- valued on Zp. By definition, 



Since 



AV(a:) = 5:6,pLi°swJ(^^.^^j (1) 



for i = 1,2,3,... and 



6,pLi°SpjJ =0 (mod/+^) 

for all integer rationals j > 2/ (see 4.2), then a{x) G Zp. If j > kp^~^ +/ then 
[logpjj > A; hence (1) implies that l3k{x) G Zp. 
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Now wc prove that for all a.,b G Zp the congruence a. = b (mod p^) implies 
0{a) = 0(h) (mod p). In view of (1) and 4.2 the following congruence holds: 

We recall a statement of the well known Lucas theorem (for a proof see e.g [4]): 

if a = X^^o '^iP^ ^^'^ ^ ~ Si^o ^^^^ respectively, canonic representations of 
p-adic integer a and of nonnegative integer rational b (i.e., a,, 6, G {0, 1, . . . ,p — 1} 
for i = 0, 1, 2, . . . ), then 



bj ~ \boJ\bJ"'\bN 



(mod p). 



So, if a = 6 (mod p^), then Lucas theorem implies that for all j = 2p^,2p^ + 
1, . . . , ^p^ — 1 the following congruence holds: 



a \r b 

j - 2pV \j - 



(mod p). 



Thus, (2) imphes that 

a{a) = a{b) (modp). (3) 
Further, combining (1) and 4.2 we obtain that 

for all A; = 1,2,... ,p — 1. Now applying Lucas theorem once again, we conclude 
that 

Pk{a) = 0k{h) (modp) (4) 

for a = 6 (mod p^). 
Lastly, assuming 



lk{x) 



kp 



in view of (1) we conclude that for fc = 1, 2, . . . ,p — 1 the following congruence 
holds: 

1 ^^"^ ^ X \ 

Again, applying Lucas theorem, we conclude that 

7fe(a) = 7fe(6) (mod p) (5) 

for a = 6 (mod p^). Hence in view of (3) - (5) the congruence a = b (mod p^) 
implies the congruence 6{a) = 6{b) (mod p). 
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Now wc prove the rest of the lemma. As / is compatible, during the proof we 
may assume that h gN (case /i = is trivial). According to 4.4 (see (2)-(5) there) 
the following is true: 



where 



f{x+p^h)=f{x)+p^h,^{x,h) {modp^+'), (6) 



i=l 



and, besides, 



for j = 1,2, . . . ,2p^. 

As / is compatible, then, according to 3.40 of [11], 

(modp) 

in all cases with the exception of, possibly, a case when i is of the form i = tp'^ 
for suitable t G {l,2,...p — 1} and s G Nq. Thus, if z < p'^~^ , as well as if 
simultaneously p^~^ < i < p^ and p^~^ is not a factor of i, the equality (8) implies: 

/p>/.-AA7M,(_l).-i^ (^,dp^). (9) 
\ I - 1 J t I 

Let i = kp^-'^ for A; G {2, 3, ...,}? - 1}. Then (8) implies: 

(^^'^-l)^(-l)'=^^-^-i + (-l)VE7 (-od/). (10) 



Further, if p-^ < i < 2p'^ and ordpi 7^ A, A — 1 then (1) (together with congruence 
following it) imply that 



= (mod p^). (11) 



Now we have to study the only two remaining cases: i = vp^ for u G {1, 2} and 
i = kp^~^ + p-^ for G {1, 2, . . . ,p - 1}. The latter one in view of 4.3 and (8) 
implies that 

r^'^^)^.(-l)-^^ + (-l)-^/.^ (mod,^). (12) 
Further, for fc = 1, 2, . . . ,p—l the following trivial equality holds in Qp: 



k) kp^-^ + p^ kp^-^ ^ ' 

32 



Prom here in view of 4.3 we conclude that 



(mod p) 



and since | G Zp and ordp| = 1, the equahty (13) imphes that 
A'=p'"'+pV(a;) _ A'=f'"'+pV(a;) 



Hence, applying (12) for i = kp^~^ + p^ , we have that 
p^h-1 \A''P^~'+P'f{x) 



(mod p ). 



+ {-ir-'phPk{x) (mod /). (14) 



/jpA-l ^pA 

In case i =p^, the equality (8) implies that 



p^h - 1^ - 



(-1)^^-1 -p/,^l^(-l)P^-i (modp^), (15) 



pX-ij - - " 

since for p ^ 2 the following congruences hold in Q^: j = Sj=ii = 

(mod p). 

Finally, for i = 2p^, applying (8) and 4.3, we conclude that 

+ hpa(x) (mod /), (16) 



2p^ - ly 2p^ ~ ^ ' 2p^ 2p 

2p 



where a{x) e Zp, as it was shown above. 

Now by the combination of (6), (7), (9), (11), (14), (15), (16) with 4.4 we finish 
the proof of the lemma 4.5. □ 

4.6 Lemma. Under assumptions of theorem 4-1, for all x,h G Zp the following 
congruence holds: 

f^ix+p^h) = f^{x) + 2ph0{x) (mod p2). 
Here 9 is the function defined in 4-5. 

Proof of the lemma 4-6. In view of 4.4 the following is true; 

/^(x+p^/z)^£(-l)-i^^^^^^±^ (mod/). (1) 
i=i ^ 
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For i = 1, 2, . . . , 2p^ the previous lemma implies that 

I 

where i = ip-°^'^P^ is a unit in Zp, i.e., it has a multiplicative inverse 4 e Zp. 

The term of order 2 (with respect to h) in (2) may not vanish modulo only if 
i e {p^,2p^}. Yet, as AJ(^) = for zy > j and A-?(^) = iov v < j, then for 

all j e N we have 



(3) 



Consequently, if j G {p^, 2p^}, then 



A o^A 



=0 (modp). (4) 

for fc € {1, 2, . . . ,p — 1}. Further, for j € {p^, 2p^} the equality (3) in view of 4.3 
implies that 

fcpr^-O(modp), (5) 

AJ+2p^ f(x) 

^-r^^O (modp). (6) 

Now, by the definition of 9, combining together (4), (5), (6) we conclude that 
^^1^ = (mod p) for iG{p^, 2p^}, and thus 

^2pA+i-ord,i^:M=o (modp^) (7) 
I 

for alH = 1,2,... ,2p^. 

The term of order 1 in (2) may not vanish modulo p^ only for i G {1, 2, . . . , 2p'^} 
such that ordp i> X — 1, i.e., for 

i e {/,2/,fc/-\A:/-^ + / : fc = 1,2,... ,p- 1}. 

Combining together 4.3, 4.4 and 3.4 of [11] we already referred (see argument which 
follows (8) in the proof of 4.5), we have 

t=0 r=l ^ 

and hence 

A-lp-l 
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t=Or=l 



This for i G {fcp^~^ + : k = 1,2, . . . ,p - 1} in force of (3) and 4.2 implies that 
A^f2{x) = (mod p), and consequently 

hp- __i2W=o (modi>2) (10) 

for fc=:l,2,...,p— 1 (since multiplicative inverse -j^p^ of fc + p is in Zp). 
If i G {kp^~^ : k — 1,2, . . . ,p — 1} then in view of 4.2, (3) and (9) we have: 

, A-i Af^P^'^+v^ fix) , A(^+'=)P^"' f fx) 

^^'^ E (-ir-^^^yr/^ (-od^.). (11) 

T=l 

If i = 2p^ then 4.4 impUes that 

2p' 



. f!L A^+^P f(T) 



i=i 

This in view of (3) and 4.2 implies that 

A2fV2(^)=0 (mod/). (12) 
Now we consider a case i = p^. Proposition 4.4 implies that 

A^'V^(x)^ E(-l)^-^^^^^^ (mod/), (13) 

since, combining together (3) and 4.2, for j = j?'^ + 1, . . . , 2p^ we conclude that 

^^^.0 (mod/). 
J 

Moreover, (3) implies that the latter congruence holds also for all j < p^ — 1, such 
that j 7^ kp^~^, where fc = 1, 2, . . . ,p — 1. Thus, (13) implies that 

Now, substituting (7), (10), (11), (12), (14) to (2) and summarizing up all the 
obtained congruences for i ranging from 1 to 2p^, in view of (1) and 4.4 we conclude 
that 



f^{x+p^h) 



,_, A^^--+^V(.) 



fe=l 
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We recall that here and after all calculations arc performed in the field Qp, and 
by the above agreement the congruence ^ = (mod p'') for ^ G Qp and positive 
integer rational k means that \\^\\p — p"'^ (hence, ^ is a p-adic integer). Proceeding 
with this note, we conclude that for A;, r G {1,2,... ,p— 1} the following equalities 
hold in Qp: 

2^ k rp^-^ 

fe=l T = l 

m=l k+r=m m=l t=1 

since for fc, r G {1, 2, . . . ,p — 1} it is obvious that 

V — - V 1 ^ 1 . 1 ^ 1 _ 2 1 

. A;t , ^ (to — r)r to , ^ t m — t to r' 

fc+T=m fe+r=m K+r=m r=l 

Besides, as it was shown during the proof of 4.5, both a{x) and l3k{x) are p-adic 
integers for fc = 1, 2, . . . ,p — 1 and x G Zp; thus 



2hpa{x)=h J^; hpPk{x) = h ^^x^r^' (17) 



where all the factors are }>adic integers. Now the assertion of the lemma follows 
from (15), (16), (17) and definition of the function 6. □ 

Proof of the theorem, 4-1- Finishing the proof of the theorem 4. 1 , note that according 
to 4.4 there holds an inequality A^2(/) < A(/) + 1. Thus, by 3.14 it is sufficient only 
to show that if p 7^ 3 and / is transitive modulo then it is transitive modulo 

p^(/)+2 jj^ turn, for this purpose in view of 3.15 it is sufficient only to prove that 

fP'*\x)^x (mod/+2) (1) 

at least for one x G Zp. Further we merely calculate f^^*^ {x) modp'*'+^. 

Under the assumptions we have made above, / is transitive modulo p^, since / 
is compatible. Then by 3.15 we conclude that for all a; G Zp 

P\x)=x+p^i{x), ^(x)^0 (modp), (2) 

where ^: Zp ^ Zp is a function defined everywhere on Zp. 

We assert that for each z = 0, 1, 2, . . . the following congruence holds: 

i-l 

r'+\x) ^ fix) +p'ax)]im'ix)) 

3=0 

+ P^+^?(x)^n/2(/^W)E|^£^il/^(r(^)) (mod/+2) (3) 
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Recall that the sum (rcsp., product) over the empty set of indexes is assumed to 
be (resp., 1). Note also that since / is transitive modulo p^^^ it is bijective mod- 
ulo Consequently, / is bijective modulo p^, . . . ,p^,p since / is compatible. 
Hence /{(a;) ^ (mod p) for all x G Zp (see the proof of 3.9) and thus f2{x) ^ 
(mod p) either (as f2{x) = f{{x) {mod p)). So all the denominators in (3) have 
multiplicative inverses in Zp; thus, during the proof of (3) and further we assume 
that all the calculations arc performed in Zp. 

We can easily prove (3) by the induction on i. If i = 0, then (3) trivially follows 
from (2). Assume that (3) is true for i = rn — 1. As 

/^'+"(a;) = /(r'+™-^(x)) (4) 

then, assuming in (3) that i = m — 1, substituting (3) to (4), applying 4.5 and 

a congruence {f^(x))'2 = 11^=0 /2(/"'(-^)) (niodp^), we prove the congruence (3) 
for i = m, in view of compatibility of /, by obvious direct calculations. We omit 
details. 

Now we apply (3) to calculate {x) modp'^+^. Put 

Mx) = {nx))'2 = ^f!2{r{^)); 

s.W = (/'W)ig|^''(/'W) = 

Lemma 4.6 implies that 

^ ' \ /^(a) (modp), if /i 7^0. ^' 

As f is transitive modulo p^, then (5) implies that /2(/*'(a^)) = f2{f^{x)) (mod p) 
as soon as fc = r (modp^). Besides, by 4.5 the latter condition implies that 
e{f>'{x)) = 0{r{x)) (modp). 
Further, 

II /^(r(a;))^l (modp). (6) 

r=0 

This has been already proven in 3.15 (see proof of (6) there), since 4.5 implies that 
-^i(/) < A. Consequently, 

n/2(r(^)) = ri/2(rw) (niodp) 

T=0 r=0 

as soon as fc = r (mod p^). 
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Finally we conclude that for every i G N 

P"^ — 1 T 

B,^.{x) ^ t ^ n ^ tB^-{o:) (modp). (7) 

Now we calculate A^p\{x) (mod p^) for t G N. The congruence (3) in view of (6) 
implies that 

T-l 

f^'+^x) ^ r{x) + kp^^ix) n mHx)) (mod (8) 
for all e N and all r e {0, 1, . . . - 1}. As 

fe=0 T=0 

then in view of (5) and 4.6 the congruence (8) implies that 

t-lp^-l ^ T-l x 

(^) = n n /2 ( /"(^) + '^(^) n /2(,f (x)) ) (mod p% 

fe=0 T=0 ^ j=0 ' 

or, applying 4,6, 

P^-l / T-l \ 

MA^) = n n /2(r(^)) + 2A;K(x)0(/-(x)) n /^(/^(x)) 

fc=0 r=0 \ j=0 / 

t-l /?/-l 

=n n /2(r(^)) 

fe=0 \ r=0 

n^^~^ f'(fHx)) \ 

+ 2fcK(x) 1] g(r(x)) ''^-° ; n /2(/^ (^)) (mod (9) 

According to (6), 

,/-i 

n f2{f{x)) = l+pe 

for suitable e G Zp; consequently, (9) implies that 
t-l / p^-i 



fe=0 \ s=0 
/t-l \ /p^-1 



1 + ipe + 2pe(a;) E H • E ^(r (^0)^ 



n;iU(/'(^))^ 



u=o / v.=o /2(/^(-))^ y- 

^l + tpe+pt(t-l)C(x) E ^(r(^))%7i|^^ (modp2). (10) 
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Now combining together (2), (3), (7) and (10) we conclude that 



= fp' (x) + p^^{x) + etp^+^i(x) + p^+^f^{xfBpX {x) (mod (11) 
Finally, combining (11), (2) with obvious induction on n we obtain that 

fup- (^) ^ + np^(^{x) + e/+i^(x)^fcil 

+ p^+^^(x)^i?,x(x) "^"~^^g^^"~^^ (modp^+2) 

or, in particular, 

/f {x)=x+ p^+^^{x) (mod p^+2), 
since p ^ 2, 3. But the latter congruence in view of (2) implies that 

fP'*\x)^x (mod/+2). 
This finally proves the theorem 4.1 □ 

Note. With the use of theorem 4.1 we can determine whether a given integer- valued 
and compatible polynomial f{x) G Qp[x] is ergodic. Represent f{x) in the form 
fix) = where r G Zp and g{x) G Zp[x] and at least one cocfRcicnt of ^(.t) 

is coprimc with p. In fact, we can take r to be a common denominator of all 
coefficients of f{x) represented as irreducible fractions. Here we assume that f{x) 
is represented in the basis (a;)o = 1, (x)i = x, {x)2 = x{x — 1), . . . of descending 
factorial powers, or in a standard basis l,x,x'^, . . . . Then p(f) = ordp r, and p{f) 
does not depend on the choice of the basis. We recall that p°'^'^p ^ is the greatest 
power of p which is a factor of r. Now we easily find A(/) and determine whether 
/ is transitive on Z/p^(-^)+^ (e.g., by direct calculations). In view of 4.1 for p 7^ 2, 3 
this is equivalent to the ergodicity of f{x) (for p = 3 one should study transitivity 
of /on Z/pM/)+2). 

Moreover, it is possible for each prime p to determine, whether a polynomial 
f{x) £ Qp[x] is integer- valued, compatible and ergodic, by calculating its values at 
0(deg /) points. Namely, the following is true. 

4.7 Proposition. A polynomial f{x) G Qp[x] is integer-valued, compatible and 
ergodic iff the mapping 

z ^ f{z) modpLiogp(<ieg/)J+3^ 

with z ranging over {0, 1, . . . ,pLiogp(deg/)J-i-3_-|^|^ defines a compatible and transitive 
function on the residue class ring Z/p'-'°ep(deg/)j+3 

Proof. Coefficients S Qp (i = 0, 1, . . . , d) of the polynomial f{x) of degree d, 
which is represented in the form f{x) = X]i=o'^'(T) (^"^^ (^) section 2), are 
defined by the values this polynomial f(x) takes at the points 0, 1, . . . , d. In other 
words, all values /(O), /(I), • • • , f{d) are p-adic integers iff all coefficients S Qp 
(i = 0, 1, . . . ,d) are p-adic integers, i.e., iff a polynomial f{x) is integer-valued (see 
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the beginning of section 2). By the analogy, in view of the theorem 2.1, a polynomial 
f{x) preserves all congruences of the ring Z/pLioSp'^J+i iff < p-Uogp»J for all 
i = 1,2,... ,d, i.e., iff f{x) is compatible on Zp. In other words, to determine 
whether a polynomial f{x) is integer- valued and compatible it is sufficient (and 
necessary) to determine whether it induces a compatible function on the ring Z/p'^ 
for some (arbitrarily fixed) k > [log^ d\ +1. 

In force of theorem 4.1, for p 2, an integer-valued and compatible polynomial 
f{x) is ergodic iff it is transitive modulo p'"' for any arbitrarily fixed k > A(/) + 2. 

Representing /(x) as f{x) = bo + ^ti b,p\-'°^-'\ (^), 6, £ Zp for j = 0, 1, 2, . . . , 
we conclude that p{f) is the least nonnegative integer rational, which is not less 
that each of ordpi! — [log^ «J — ordp 6^ {i = 1,2,... ,d). Thus, since a function 
ordpi! — [logp «J is nondccreasing (see proof of the lemma 4.2), then each fc G N, 
which satisfies inequality 2 ^^~^ — k > ordpd! — [log^dj, will satisfy inequality 
k > A(/). Yet since ordp d\ = — wtp d), where wtp is a sum of all digits in 

p-base expansion of d, then, choosing any A; G N, which satisfy inequality 

2'-^-k>' (1) 
p— 1 P — 1 

we obtain that k > A(/). Elementary considerations, however, show that k = 
[logpdj + 1 satisfies inequality (1), thus proving the proposition for p 7^ 2. 

In case p = 2 a polynomial f{x) G Q2[x] of degree d is integer- valued, compatible 
and ergodic iff it is of a form 



/(x) = l+x + X:&i2Li°«^(^+i)J+if'^Y (2) 
i=o ^"^^ 

where bi & 1^2, i — 0,1,2, ... ,d (see theorem 2.3). Since coefficients of the poly- 
nomial f{x) in its representation in a basis (^), i = 0, 1, 2, ... , are uniquelly de- 
fined by the values of f{z) at the points z = 0, 1, . . . ,d, then to verify conditions 
(2) for the polynomial f{x) it is sufficient to calculate its values at the points 
z = 0,1,... ,2'^ — 1, where r € N is an arbitrarily fixed number satisfying the 
inequality d < 2'' — 1. So one can take, for instance, r = [log2(rf -|- 1)J -|- 1, or 
r — [log2 dj -I- 3. This finishes the proof of 4.7. □ 

Note. Proposition 4.4 shows that for p ^ 2 a function f ^ A satisfies assumptions 
of the proposition 3.9; hence, since Ni{f) < N2{f), a function / preserves measure 
iff it is bijective modulo By the argument similar to those of the proof of 

proposition 4.7, one could prove the following 

4.8 Proposition. A polynomial f{x) G Qp[x] is integer-valued, compatible and 
measure-preserving iff the mapping 

z I— > f{z) mod p^f , 

with Kf = [logp(deg/)J -|- 3 and z ranging over 0, 1, . . . ,p^f — 1, induces a com- 
patible and bijective function on the ring Z/p^f . □ 

Again, estimates of C(/) and ??(/) we mentioned at the beginning of the section, 
might be sharpened for various important proper subclasses of A in comparison 
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with given by the theorem 4.1 and propositions 4.7 and 4.8. A case of analytic on 
Zp functions (i.e., functions which can be represented by convergent everywhere on 
Zj, power series) seems to be of importance. 

It is well known (see e.g. [3, Ch. 14. Section 4]) that power series X^^g^*^' 



Jp, i = 0,1,2 .. .) converges everywhere on Zp 



iff Um c; — 0: under the latter 



condition the scries defines a continues function on Zp. Of course, in general this 
function may not be integer-valued, not speaking about compatibility. Consider, 
however, a particular case, when all coefficients Ci are p-adic integers. Namely, in 
the ring Zp[[.T]] of all formal power series in variable x over a ring Zp consider a set 
C{x) of all series 



Cix" {ci G Zp, i = 0, 1,2. . .), 



which converge everywhere on Zp. In other words, s{x) e C{x) iff lim a = 0. 

i — ^oo 

Under these assumptions the series s{x) 6 C{x) defines on Zp an integer- valued 
function s : Zp Zp. It turnes out that this function s is uniformly differentiable 
and has integer- valued derivative everywhere on Zp. 

Consider a formal derivative s'{x) G Zp[[a;]] of the series s{x): 



s'{x) = 'y^^icj. 



i=l 



Since < ||zci||p 



\\p\\Ci\\p < \\Ci\\p, 



and lim Ci = 0, then lim ici = 0, and hence 



s'{x) €C{x). We assert that the function s' : Zp ^ Zp is a derivative of a function 
s : Zp ^ Zp with respect to p-adic distance. 

Indeed, it is known that in the ring Zp[[x,y]] of all formal power series in variables 
X, y over Zp the following equality holds: 



i=0 



where s^^'>{x) G Zp[[a;]] {i = 1,2, . . .) is ith formal derivative of the scries s{x), and 

s(o)(x) = s{x). By the assertion proven above, s(*^(a;) G C{x) for alH = 0, 1, 2, 

Thus, 

sW(w) 



gz„ 



for each u G Zp. But 



E 



< max] c 



J lip • . 



and consequently. 



lim — - — 

i— *cxD i\ 

41 



p 

since lim Cj = 0. Thus, for each u e Zp we have that 



s{u + y) = Y,^r^y'^C{y). (♦) 

i=o 

Finally, if s{x) G C(.t), then Taylor series at the point u & Ijp converges to s 
everywhere on Zp. In particular, for h €Zp we obtain 

s{u + h) = s{u) + s'{u)h + a{u, h), 

With lim ; = hm h > — =0, since > — ^j-^h G Z„ m view 

of the equality lim ^ — = 0, which just has been proven above. So, s'{u) is a 

derivative of the function s at the point u. Thus, the set C{x) is closed with respect 
to differentiations, and all functions, defined by series of C{x), are infinitely many 
times differentiable. 
Further, let 



Si 



be an interpolation series for the function s(x) G C(x). We assert that — is p-adic 

I'. 

integer for alH = 0, 1, 2, Actually, 



s{x) = ^Cfeo;*^ = ^Cfe^52(A;,i)i!f . ) = E^'( ■ ) ^S2{k,i)ck, 

k=0 fc=0 i=0 j=0 fc=i 

P P 

where S2{k,i) is Stirling number. Since lim a = 0, then lim S2{k,i)ck = 0, 

i — ^oo k — ^oo 

because all Stirling numbers S2{k,i) are integer rationals, i.e., ||S'2(A;, i)||p < 1. 
Consequently, the series Y^^=i^'2{k,i)C'k converges to some Ai e Zp for all i = 
0, 1, 2, ... . This proves our assertion, since 

Si = i\Ai (i = 0,1,2,...). (★) 

Put 

B(a;) = |/(a;) = ^a,Q ^ | e Zp, i = 0, 1, 2, . . . |. 

In other words, B{x) is a ring of all formal descending factorial power series over Zp. 
Each series f{x) e ^(a;) correctly defines on Zp an integer-valued and uniformly 
continues function f : "Zp ^ Zp (see the beginning of the section 2). This function / 
is compatible in view of 2.1, since we have shown during the proof of the lemma 4.2 
that ordp (^!) — [logpij is nonnegative and nondescending function on Nq. Denote 
via B (respectively, via C) a class of all functions defined by all series of B{x) 
(respectively, of C{x)). Obviously, B{x), B, C{x), C are rings. 

Further, any two distinct series of B{x) (respectively, of C{x) ) define two distinct 
functions on Zp: for the series of B{x) see the beginning of the section 2. As for 
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the series of C(.t). note, that the above mentioned interpolation series for s{x) G 
C{x) defines a function, which is identically on Zp iff all its coefficients s, are 
(hence, Ai = 0, i = 0,1,2,...), see (*). Yet Ai = Y^'^^i S2{k,i)ck, hence 
Ci — "5*1(^1 i)Ak ~ 0, where S'i(fc, i), S-^ik, i) are Stirling numbers of respective 

kind, and the assertion follows. Thus, the rings B{x) and B (respectively, C{x) and 
C) are isomorphic; so further we do not differ series from the function it defines. 

Note also that the incluion B Z) C (see ("A")) is strict. Obviously, f{x) = 
J2iloi^)i ^ ^' since f{x) = X)^o^'(i)' •^(•^) ^ ^' Moreover, this function is 
not even analytic on Z^: according to [3, Ch.4, Theorem 4] a function represented 

p 

by the interpolation series ('O') of the section 2 is analytic on Zp iff lim ^ = 0. 

So, a function of B (in contrast to one of C), generally speaking, can not be 

represented by Taylor series which is convergent everywhere on Zp. Newertheless, 
all functions of B are differentiable at all points of Zp, and B is closed with respect 
to differentiations: if / G S, then /' e B. 

To prove the latter assertion, recall that a uniformly continuous on Zp function 
/, which is represented by the interpolation series (<0), is differentiable everywhere 



on Zp iff 



lim ^ = (♦) 



for all n S No (see [3, Ch. 13, Theorem 2]). The lattter condition obviously holds 
for f G B, since ordpOj ^ ordp (i!) = ~ wtpi), and [logp ij ^ ordpi for all 

i = 0, 1, 2, Thus, a derivative /' of the function / is defined everywhere on Zp, 

and 

■1=1 ^ 

in case this series is convergent. Yet ^ ^.^'^^ = i 'Y'jLi consequently, 

+1 A7(x) _ ^ i^+iOfc+i 



k=0 



But the series view of (♦), for each k gNq converges to a cer- 

tain Sk e Qp, and ordp = ordp a^+j-ordp i > ordp ((fc+i)!)- [logp i\ = 
k-wtp{i + k))- [logpij = ^(i-wtpi)- [logpij + ^(fc-wtpfc) + ^(wtpfc- 
wtp {i + k)+ wtp i) > (k — wtp k) — ordp (fc!). (The latter inequality holds since 
^{i - wtpi) > [logpij and ^(wtp k - wtp {i + k) + wtpi) = ordp > 0)). 

Thus, e Zp for all fc e Nq; hence /' e B. 

With the use of these results now we are able to prove the following 

4.9 Theorem. A function f € B preserves measure iff it is bijective modulo . 
The function f is ergodic iff it is transitive modulo {for p 2, 3), or modulo p^ 
{for pe {2,3}). 



Proof. The definition of B immediately implies that p{f) = for each f € B, hence, 
A(/) = 1. Thus, for p ^ 2 the second assertion of the theorem follows from 4.1. 

43 



To prove the first assc;rtion, in view of 3.9 it is sufficient to demonstrate that / 
is uniformly differentiable modulo p, and Ni{f) < 1; that is 



(mod/+i) (1) 

for all z,r G Zp and k = 1,2, Since /, /' G B, these both functions are 

compatible, so it is sufficient to prove (1) for z,r G No- Since for r = the 
congruence (1) is trivial, we may additionally assume that p'^r = n £ N. 

Further, since IMlil^ = J2Z^ (U)^^ /'(^) = E,=i(-1)^+'^. 
then to prove (1) it is sufficient to prove that 

Yet = i J2°l.^ a, (^.^,.) , thus, in view of 4.2, for p ^ 2 there holds a congruence 

^ -(^^^ = (mod p) for all i > 2p. So within this case (2) is equivalent to the 
congruence 

|'((::0-<-'-i^^° „ 

Since / is compatible, then ^ ^J^^^ ^ (mod p) only for, might be, i = sp^, 
(m e No, s S {1, 2, . . . ,p — 1}) — see [11, lemma 3.4]. Now, since n = p^r, (3) 
immediately follows from the already mentioned Lucas theorem, thus proving the 
first assertion of 4.9 for p 7^ 2. 

Now, if p = 2, then (2) is equivalent to 



E 



2^-1)+^)^^"° (mod2). (4) 



i=0 

Yet since ^ G Z2 for all j = 0, 1, 2, ... , then ordz a2.+„ > orda (2*)! = 2* - 1 for all 

m = 0, 1, 2, . . . ; consequently, ^^^^ ^ (mod 2) only for, might be, i = 0, thus 
proving (4). 

Finally, the rest part of the assertion of theorem 4.9 for p = 2 follows from 2.3: as 
ord2 i\ < ord2 ai for alH = 0, 1, 2, . . . , and orda i\ = z— wt2(i), then by an elementary 
argument it is not difficult to show that [\og2{i + l)J+l<i — wt2(«) < orda Oj 
for i > 4; and orda fli > 3. This implies that necessary and sufficient conditions of 
ergodicity of a function expressed as interpolation series (<C>) of section 2 hold for 
all coefficients with i > 4. These conditions for the rest of the coefficents are 
equivalent to the transitivity of / modulo 8, since aj = (mod 8) for i ^ 4. □ 

Note. Theorem 4.9 demonstrates that sufficient and necessary conditions of tran- 
sitivity modulo p" for the polynomials with integer rational coefficients established 
by M. V. Larin in [15] remain valid for a wider class (namely, B) of functions. It 
turncs out, however, that all these functions modulo eachp" could be expressed as 
polynomials with rational integer coefficients. 

Namely, from the definition of a class B it easily follows that each function 
f G B is uniformly approximated by polynomials over Z^: for each n G N there 
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exists a polynomial S Zp[a;], such that f{z) = fn{z) (mod p") for all z E Zp. 

Actually, the series jlo ''i (j) defines a function, which is identically modulo 
iff all Tj = (mod p") (see [11, proposition 4.2]). So we may put fn{x) = 
Erio^ where a;(n) = max{j G No : ^(i - wtpj) < n}. 

It turncs out that the inverse assertion is also true: if a function / : Zp ^ Zp 
is uniformly approximated by polynomials over Zj, in the above mentioned sence, 
then it lies in B. To prove this assertion, assume that f{z) = fi{z) (mod p') for 
all z G Zp, where fi{x) £ 'Zp[x], i = 1,2,... . Each polynomial fi{x) of degree 
di admits one and the only representation as interpolation series {■()■) of section 2: 
/i(-^) = J2f=o "'ij (j) ' where Uij € Zp and ordp Uij > ordp (j!) in view of (*), since, 
obviously, fi € C C B. For a given function / each polynomial fi{x) is unique 
up to the summand which induces an identically modulo function. So we 
may assume that di = iu{i) (sec above); then coefficients of the polynomial fi{x) 
are defined uniquelly up to the summands with p-adic norms not exceeding p~*. 
This implies that fli+i ,j = ajj (mod p*) (wc assume a^j = for j > uj{i)). Hence, 
P 

lim aij = aj G Zp, and ^ G Zp. Consequently, the scries '^Z'iLn'^ii') defines 

a uniformly continuous on Zp function f G B, which must be equal to /, since 
f{z) = fi{z) = f{z) (mod p') for all ^; e Zp and alH = 1, 2, . . . . 

Now wc define a non-Archimedian pseudo-valuation on B as max{||/(z)||p: 2; G 
Zp} for f £ B. The just proven results imply that with respect to the distance Dp, 
induced by this pseudo-valuation, the ring S is a complete metric space; actually, 
B is a completion with respect to Dp of the space P C C of all fmictions induced 
on Zp by polynomials over Z (in particular, the space B is separable). 

This implies, in turn, that B (contrasting to C) is closed with respect to com- 
position of functions: ii f,g G B then f{g) G B. In fact, let g be uniformly 
approximated by the sequence {gn{x) G Zp[a:] : n = 1, 2, . . . }, that is, gn{z) = g{z) 
(mod p") for all 2 G Zp. The compatibility of the function / imples then that 
Dp{.f{g), .f{gn)) < P^", i-c, for n ^ cx) the sequence /((/«) tends to f{g) with re- 
spect to distance Dp. But f{gn) G B for each n = 1, 2, . . . : if / is uniformly approx- 
imated by the sequence {,fm{x) €Zp[x] : m= 1,2,...}, then ,fm{gn{z)) = f{gn{z)) 
(mod p") for all z € Zp. Hence, the sequence {fm{gn{x)) G Zp[a:;] : m — 1,2,...} 
tends to the function f{gn) with respect to the distance Dp, and fm{gn) G B, since 
it is a polynomial over Zp. Consequently, f{g) G S in view of completeness of B. 

Thus, we have proven the following 

4.10 Proposition. The ring B is a separable and complete with respect to the dis- 
tance Dp metric space of functions, which are differentiable everywhere onZp. B is 
closed with respect to compositions of functions and with respect to differentiations. 
A countable set V of all polynomials over Z is a dence subset of B. □ 

To make use of criterion 4.9 for the applications to pseudorandom number gen- 
eration it is important to have a huge stock of examples of functions of B which 
are to be implemented as computer programs. As we have mentioned above, all 
polynomials over Zp are in B. 

Rational over Zp functions, that is, functions of the form f{x) = where 
u{x),v{x) G Zp[a;], are also in B, providing the denominator vanishes modulo p 
nowhere on Zp (in view of compatibility it is sufficient to verify the latter condition 
only for the points of {0,1,... ,p — 1}). Indeed, for each .2 G Zp the element 

45 



v{z) is not modulo p, and honco has a multiplicative inverse in the ring Z/p". 
Thus = it(z)i;(z) ■"'■P ^^-^ (modp"), where is Eulcr totient function. Hence, 

the function / could be uniformly approximated by polynomials u{x)v{x)'^^p G 
Zplx], n = 1, 2, . . . ; hence, it is in B in force of 4.10. 

Another type of functions of B are exponential ones. For instance, consider a 
function with a = 1 (mod p) (hence, a = 1 + pr for suitable r G Zp). Then 

= J2t^oP^''^^{l.)' "^^ll known (see e.g. [3, Ch. 14, Section 5]), that for 

p ^ 2 this function is analytic on Zp (hence, lies in C). If p = 2 and r is odd, 
then is not analytic on Z2, thus not in C. Newertheles, within the latter case 

is in B, since ord2 (i!) = i — wt2 i and hence (1 + 2r)^ = J^iLo 2'^* ) G B. It 
is not difficult to see that the fimction (1 + 4r)^ is in C. So, summarizing all these 
considerations, if a € Z^, a = 1 (mod p), then the function is in B. 

Exponential functions of the considered type are particular cases of functions of 
more general form u", where u{z) = 1 (mod p) for all z GZp. 

4.11 Lemma. Let u, v. Ip — > Zp he compatible functions and let u{z) = 1 (mod p) 
for all z <E "Zp (so it is sufficient to verify the latter condition only for z = 
0, 1, . . . ,p— 1). Then the function f{z) = w(z)"^^-' is correctly defined for all z 6 Zp, 
integer-valued and compatible. Moreover, ifw,v e B, u{z) = l+p'w{z), then f & B. 

Proof. The above considerations of functions of type with a = 1 (mod p) imme- 
diately imply that the function / is correctly defined on Zp and that it is integer- 
valued. To prove the compatibility of /, note, that for arbitrary b,c,d € Zp and 
n = 1, 2, . . . one has (a + p^bf+v"'^ = (a + p^bY{{a + p^'bY^Y, since elmentary 
properties of powers are of the same form both in real and p-adic cases, sec [3, 
Ch. 14, Section 5]. As both u and v are compatible functions, then for arbitrary 
0,r G Zp there exist s,i G Zp, such that (u(^+35"r))''(^+P'''') = {u{z)+p^tY'^''^+^"^\ 
hence {u{z + = (u(z) + ((u(z) + pHY"Y = (ui^) + P^'tY'^''^ 

(mod p"), in view of the congruence {u{z) + p'^tY" = 1 (modp"). The latter 
congruence is to be proven. 

As u{z) = 1 (mod p), then for a suitable k G Zp we have u{z) + p^t = 1 -\-pk. 
Yet (1 +pfc)P" = ECofeVe^r) = E£o^'7r(P")' ^ 1 (modp"), since ff € Zp. 
Finally, denoting by v{z) = v{z)m.o6.p'^ the least nonnegative residue of v{z) 
modulo p", for a suitable h & Zp we obtain f{z + p"r) = {u{z) + p"t)''(^) = 

{u{z)+p^tY^{u{z)+p''tY"'' = {u{z) + p'^tf^ = Ello w(-2)'^"'p™*'C'i'^) = 
{u{z)Y'^^^ = {u{z)Y^''\u{z)Y"'^ = (w(2;))^^^\ where = stands for congruence mod- 
ulo p". Thus, / is compatible. 

To prove the rest of the lemma, note, that for each z G Zp and each n = 
1,2,... the congruence {u{z)Y^''^ = Y.l^oiuiz) - l)'C'i'^) (mod p") holds, since 
\\u{z) — l||p < ^. This implies that 

(1) all functions /„ = ElLo fr(^)»^' ™ ^' since all ^ are p-adic integers 
(see above); 

(2) the sequence {/„ : n = 1, 2, . . . } tends to / with respect to the distance Dp. 
Now (l)-(2) imply that / G B in force of 4.10. □ 

With the use of these results one may construct explicit forms of various ergodic 
functions to be performed by a computer. For instance, the following is true. 

46 



4.12 Proposition. For g G B the function f{x) = 1 + a; +p'^g{x) is ergodic. 

Proof. For p ^ {2,3} the assertion trivially follows from 4.9. For p G {2,3} in 
view of 4.9 it is sufficient to show that / is transitive modulo p^. In turn, to 
demonstrate the latter it is sufficient to prove only that f^P (0) ^ (mod p^) 
for A; = 1, 2, . . . ,p — 1, since in / is transitive modulo p^ and hence, in view of 
its compatibility, induces on Z/p^ a permutation with each cycle length being a 
multiple of p^ . Yet since for alH = 0, 1, 2 . . . the compatibility of g implies that 
/i(0) = i + p2 ^(j-) (inod p% then /'^f' (0) = kp" + p2 y:%-^ g{j) = kp^ + 

p^ 5^2=0 fji^)P^ = (mod p^), since (again in view of the compatibility of g) a 
congruence s = r (mod p) implies the congruence p^g{r) = p^g{s) (mod p^). □ 

5. Applications: a discussion. 

The results obtained in previous sections might have applications to design pseu- 
dorandom number generators which have relatively simple program implementa- 
tion, generate purely periodic sequences of numbers of {0, 1, . . . , m — 1} and provide 
certain guarantee for the statistical quality of these sequences, their uniform distri- 
bution at the first turn. Speaking about relatively simple program implementation, 
we mean that the considered generators have certain parameters which are critical 
to the performance, and which one may vary to achieve the desired performance 
without affecting the quality. 

In case m = is a power of a prime p, these sequences might be generated as 
the first order recurrence sequences satisfying the relation Xn+i = f{xn) (mod m), 
where /: Zp — > Zp is any compatible and ergodic function of the considered in previ- 
ous sections. In this case for each fc = 1, 2, . . . we obtain a purely periodic sequence 
with period length p^ , with each element of {0, 1, . . . , p*^ — 1} occuring at the period 
exactly once (in particular, the generated sequence is uniformly distributed). 

An important indicator of statistical quality of the sequence is the distribution 
of (r -h l)-tuples {{xn,Xn+i, ■ ■ ■ ,Xn+r) ■ n — 0,1,2,...}. Ideally, the sequence 
{u„ = (|f, 22^, . . . , 2^) : n = 0, 1, 2, . . . } of points of (r + l)-dimensional Eu- 
clidean space should be uniformly distributed in the unit hypercube for all r. By 
no means this can be achieved for periodic sequences. For such sequences there are 
some popular tests of quality, based on certain characteristics of families of hyper- 
planes, which are parallel one to another, and which union contain all the points 
corresponding to the sequences of (r + l)-tuples (see e.g. [2, section 3.3.4]). 

Note, that if for some c, Cq, . . . , G Z the congruences 

r 

c + ^CiXn+i=Q (mod/), (n = 0,1,2,...) (A) 

i=0 

hold, then all the points u„ fall into the hyperplanes h + X^^^q CjXj = 0, which are 
parallel one to another. For linear congruential generators such families of parallel 
hyperplanes exist even for r = 2, not depending on k (see the introduction). 

Note, that if (A) holds for some fc, then for all j = 1, 2, . . . for the members of the 
sequence {.t„} hold relations /c + ^^^g/cjXn+j = (mod p^'^^). The relations of 
the latter kind will be temporarily and loosely defined as trivial. Trivial relations 
always exist: for instance, choosing certain /S' G N in view of the ergodicity of 
/ we obtain for all fc > the trivial relations p'^~^a;„_|_pK = p'^~^Xn (mod p'^). 
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Speaking informally, the triviality of relations just means that their coefficients tend 
to whereas k tends to infinity, i.e. trivial relations are those which degenerate to 
= in Zp. 

For an important wide class of nonlinear congruential generators we prove that 
if the dimension of hyperplanes, which are parallel one to another, and which union 
contains all points u„, (n = 0, 1, 2, . . . ), does not tend to infinity together with k, 
then this family of hyperplanes is defined by trivial relations. 

Now we give exact statements. 

5.1 Proposition. Let f S Qp[x] be an integer-valued, compatible and ergodic poly- 
nomial of degree d over a field Qp of p-adic numbers (all these polynomials for 
p = 2 are completely characterized by theorem 2.3; for odd p see 2.4, 4.7 and a 
note preceding 4.7). Let, further, r be a positive integer rational such that for each 
k & N there exist c, co, . . . ,Cr € Zp, which satisfy (a) and not all of which are 
modulo p. Then d=l. 

We will need the following 

5.2 Lemma. Under the assumptions of proposition 5.1 let c, co,... , Cr G Zp be 
not depending on k, that is, let there exist c, cq, . . . , € Zp satisfying (a) for all 

€ N simultaneously. Then d= 1. 

Proof of the lemma 5.2. As / is ergodic, then d ^ 0. Assume that d > 1. Consider 
w{x) = f'+X]I=o As w{x) is a composition of integer-valued and compatible 

polynomials over Qp, then w{x) G Qp[a;] is integer- valued and compatible. Yet each 
has degree d*; hence, since d > 1, then w{x), being a sum of polynomials of 
pairwise distinct degrees, must be a polynomial of nonzero degree. 

Yet, since .x„_|-i = /'(/"(-To)) (mod p*^), the assumptions of the lemma imply 
that w{xn) = (mod p'"') for all n = 0, 1, 2, ... . In other words, w{z) = (mod p'^) 
for all 2; G Zp, since Xn takes all values in {0, 1, ... jp*^ — 1} in view of the ergodicity 
of /, and w{x) is compatible. The assumptions of the lemma now imply that 

w{z) = (mod p'') for all z G Zp and all /c = 1, 2, Consequently, w{z) = for 

all z G and hence polynomial w{x) must be in the ring Qp[a;]. A contradiction 
proving the lemma. □ 

Proof of the proposition 5.1. By the assumption, for each fc G N the set Ck of all 
c = (c, Co, . . . , Cr) G Zp+^, ||c||p = 1 with c, Co, . . . , Cr satisfying (a), is not empty. 
Obviously, £i D £2 3 . . . , since / is compatible. 

Further, we assert that each set Ck is closed in the topology of metric space 
Z;;+2. Actually, if c G A, c' G Z;;+2, ||c - c'|| < p'" , s > k, then c' = c + p^z for a 
suitable z e Zp+^. Hence, ||c'||p = 1 and c' satisfies (a); consequently, c' G £fc. 

Now we apply to the sequence Ci D C2 . . . the p-adic analog of the lemma on 
the imbedded closed intervals of real analysis. The analog of this lemma holds for 
the topological spaces of much more general type — see e.g. the theorem in [16, 
Ch. 3, section 34, I], from which the p-adic case could be easily deduced. Thus, we 
conclude that the intersection of this sequence is not empty. That is, there exists 
c" G Zp+^ which satisfies the assumptions of lemma 5.2. Yet then d= 1. □ 

Prom here we deduce the following 

5.3 Theorem. Let f G Qp[x] be an integer-valued compatible and ergodic poly- 
nomial with degf > 1, and let there exists r G N such that for each G N the 
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linear complexity over the ring TLj-p^ of the recurrence sequence defined by 

the recurrence relation x„+i = /(a;„) (mod p''), does not exceed r. In other words, 
let there exist c^'^^ , Cq^^ , • • • , ci''^ S Zp such that 

r 

c(fe)+^cf)a;„+i=0 (niodp'=) (n = 0, 1, 2, . . . )• (m) 

i=0 

Then lim c'^'^^ = lini c\ = . . . = lim cj. = 0. 

k — ^oo k — ^oo k — *oo 

Proof. To start with, we note, that from the proofs of both lemma 5.2 and propo- 
sition 5.1 it follows that they remain true if we let k within their statements range 
over arbitrary infinite subset of N. 

Now for each k € N choose (and fix) c*^*^) , Cq'^-' , c[''^ , • • • , cl'^'' G z'^'^^^ satisfying 
(■^). Put Cfc = (cW,4''\cf\... ,c[''^) G Z^p^^K In view of 5.1 then ||cfe||p < 1 for 
all k gN. Denote Af = {k G N : \\ck\\p > P~''}- In other words, k ^ Af iS {m) is 
equivalent to a congruence = (mod p*^). 

It is obvious that if Af is finite, then the conclusion of the theorem is true. Let 
J\f be infinite. 

For k E J\f put Cfe = ||cfe[|pCfc and denote M a set of all m G N such that 
j3'^||c/c||p = for a suitable k G M. In other words, we replace each {<) with the 
equivalent system of congruences 

r 

cW + ^ cf)^„+i EE (modp™) (n = 0,1,2,...), 

where (cW, cl'^^ c^'=^) = Cfe, = /llcfcllp. 

If the set A/" is finite, the conclusion of the theorem is obviously true. If J\f is 
infinite, then, since ||cfe||p = 1, in view of 5.1 and the note at the beginning of the 
proof we conclude that deg/ = 1. A contradiction. □ 

In the statement of the theorem 5.3 we mention a notion of linear complexity 

of a sequence over a ring. This is commonly used (especially in cryptography) 
characteristic of a quality of a sequence. Lemma 5.2 in these terms asserts that the 
sequence {xi = f{xi-\) : i G N} has infinite linear complexity over Zp, providing 
/ G Qp[a;] is integer- valued compatible ergodic polynomial of degree d > 1. This 
assertion could be slightly strengthened. 

5.4 Corollary. If f G Qp[a;] is an integer-valued compatible ergodic polynomial of 
degree d > \, then a recurrence sequence {xn}, which satisfy recurrence relation 
Xn+i = f{xn), has infinite linear complexity over Qp. 

Proof. If for suitable c, cq, . . . , G Qp, which are not simultaneously, the equal- 
ity c + X]^=o (^j^n+j = holds for all n = 0, 1, 2, ... , then the equality he + 
J2'j=of^(^j^n+j = with ft, = 1, if c, Co, . . . ,Cr G Zp, and h = ||(c, cq,... ,Cr)\\p 
otherwise, holds either. In view of compatibility of / the conclusion now follows 
from 5.2. □ 

Note. The assumption / G Qp[x] within statements of 5.1-5.4 can not be omitted. 
For instance, let p = 2 and let 

oo 

f{x) = 1 + a; + 4(-l)i+^ = l + x + ^(-1)^2^ 
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By the theorem 2.3, the integer-valued function / is compatible and ergodic. How- 
ever, it is easy to see that the recurrence sequence {xn € Z2} with recurrence 
relation Xn+i = f{xn) satisfy the relation Xn+2 = a;„ + 2, i.e., has linear complexity 
2 over Z2. 

We should notice that in this section we use the notion of linear complexity of a 
sequence over a ring in a somewhat broader sence than it is commonly used. More 
often the linear complexity of a sequence {x„} of elements of a commutative ring 
R is understood as the smallest r > such that there exist cq, . . . , Cr-i G R which 
satisfy simultaneously all equations Xn+r — X]j=o '^j^n+j for n = 0,1,2, .... We, 
in distinction from it, admit nonzero constant term, as well as relations where all 
coefficients are zero divisors (yet not all simultaneously; in the assertion of 5.3 the 
latter, however, is not important). If is a field, then both notions basically do not 
differ one from another: if a sequence satisfies a relation c + X^[^o ^iXn+i = with 
Cr ^ 0, then it satisfies the relation Xn+r+i = c~^coXn — ^^j^Q c^^(cj—Cj^i)xn+j+i- 
Our definition seems to us some more convenient for geometric interpretations, see 
above. 

In other words, we have shown that, loosely speaking, nonlinear ergodic poly- 
nomial generators are absolutely nonlinear — the sequences they produce can not 
be implemented as linear recurrences over Qp. We do not discuss here what is 
the impact of these results on testing of the corresponding generators with the 
above mentioned statistical tests, leaving this issue to the forthcoming paper. We 
only note that they give some evidence that nonlinear congruential generators with 
integer-valued compatible ergodic polynomials over Q as state change functions in 
practice will pass the tests. 

Properly restated analogs of 5.1-5.4 hold for composite m = p^^ ■ ■ -Pg', which is 
a product of powers of distinct primes pi, . . . ,Ps, providing the transformation / 
preserves all congruences of the ring Zp^ x ■ • • x Zp^ . In connection with congruential 
generators modulo a composite m we also note that one can take / to be a function, 
defined on the set No of all nonnegative integer rationals, which takes values in Z, 
preserves all congruences of the ring Z and which is ergodic as a function of integer 
p-adic variable for all p G {pi, ... ,Ps}- These functions may also be constructed 
with the use of the results of the paper. 

For instance, such functions may be found in the class 

Bo = < {x)i : ai e Z;i = 0,1,2,.. . L 

i=0 ' 

where, we recall, {x)i is ith descending factorial power of x: (x)o = 1, = 

x{x — 1) • • • (x — « -I- 1) for alH = 1, 2, It is obvious that Bq is a proper subclass 

of the class B (studied in section 4) for each prime p (the definition of B, we recall, 
depends on p). Since B consists of functions, which preserve all congruences of the 
ring Zp, then each function g of Bq preserves all congruences of the ring Z, that is, 
for each a,h G No and each natural mimbcT > 1 a congruence a = b (mod N) 
implies a congruence g{a) = g{b) (mod N). So as a state change function of a 
pseudorandom generator we can take, for instance, 

f{x) = l + x + pl---plg{x) (ffGBo); 

in view of 4.12 / is ergodic as a function of integer p^-adic variable for all j = 
1,2,... , s. That is, / is transitive modulo Pj for all = 1, 2, . . . and for all j = 
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1, 2, . . . , s. Thus, / is transitive modulo each ■ ■ •p*"', for arbitrary ti, . . . ,ts & 
N. In particular, / is transitive modulo m, and hence a pseudorandom number 
generator with state change function / and arbitrary initial state xq G {0, 1, . . . , m— 
1} produces a purely periodic sequence of period length m, and each number of 
{0, 1, . . . , m — 1} occurs at the period of this sequence exactly once. 

Obviously, So contains all polynomials with rational integer coefficients, so if 
g{x) G 1i[x] is a polynomial of degree > 1, then the performance of the corre- 
spondig pseudorandom generator is equivalent to d additions and d multiplications 
modulo m of integer rationals. Obviosly, Bq consists not only of polynomials over 
Z. It is not clear, however, whether it contains other 'natural' functions which 
admit relatively simple program implementation. 

Moreover, if m is arbitrary, it is not clear enough, which functions should be con- 
sidered as 'natural', and which should not. If by 'natural' hmctions one imdcrstands 
compositions of arithmetical operations (addition, subtraction, multiplication, divi- 
sion, raising to a positive integer power, exponentiation) then the functions of this 
kind could be constructed, for instance, with the use of 2.3, 2.4, and 4.9 combined 
with 4.11 and 4.12. So, theorems 2.3-2.4 imply that a polynomial f{x) G Q[x] of a 
form 

/(.) = 1 + . + ^ c.p1'--'^+^^J+^ . . . p^-(^+^)J+^ 

i=0 

for arbitrary co , ci , C2 . . . G Z is transitive modulo arbitrary natural number M > 
1, which is a product of powers of {pi,... ,Ps}', in particular f{x) is transitive 
modulo m. Hence, the performance of the corresponding pseudorandom generator 
is equivalent to d multiplications, d additions, d + 1 reductions some moduli and 
one division of integer rationals. 

From the above formula it follows that, for instance, a polynomial f{x) = l+x + 
jg{x)(i is transitive modulo 10*^ for all A: = 1, 2, ... . In a similar way, with the use 
of 2.5 and 4.11 (or 4.9 together with 4.11) one may construct generators which use 
exponentiations. For instance, a function f{x) = 1 + x + 201^^ (or, more generally, 
a function f{x) = 1 + .-r + (1 + 200?i(.T))"''^^) with u{x),v{x) £ Z[.x]), as well as 
a function f{x) = 1 -|- x -|- 201^"^"' are transitive modulo 10^° for all = 1, 2, . . . 
(see 4.9 and 4.11); the same is true for the function f{x) = 1 -|- x -|- 100 ■ ll'^ 
(sec 2.5 and 4.11). Judging by the number of publications on inversive generators, 
taking a multiplicative inverse (or, generally, raising to negative powers) modulo 
m also should be considerd as 'natural' operations. Generators of this kind also 
could be constructed with the use of results of the paper: for instance, taking 
w{x) = —1, v{x) = X in the just mentioned example, one obtains a function /(x) = 
1 -h X -I- (1 -I- 200x)~-^, which is transitive modulo lO'^ for all A; = 1, 2, 

We note that during the past decade there were intensive studies of such pseudo- 
random generators, as power generator (/(x) = x^,r G N), exponential generator 
(/(x) = a^), twice exponential generator (/(x) = ) and inversive generator 
(/(x) = a + bx^^ or f{x) = (a + bx)~^). The examples of generators, which are 
mentioned above in the section, and which use compositions of arithmetical op- 
erations, including exponentiation and raising to negative power, as we see, are 
somewhat distinct from the ones usually studied (by summand 1 + x, at the first 
turn). These distinctions practically do not worsen the performance of the corre- 
sponding programs. However, these distinctions do not allow us to apply to the 
generators considered in this paper the results on already studied generators. It 
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would be very useful to study the possibility of sueh transfer, since in this area 
there are a lot of important results belonging to different authors (unfortunately, 
we could not present even a short survey here because of hudge number of these). 

At the same time, all the generators, introduced in this paper, are modulo 
given m equivalent to generators with recurrence relation Xn+i = fm{xn) (mod m), 
where fm{x) & Q[x] (this is an immediate consequence of p-adic Weierstrass the- 
orem, for the latter see e.g. [3, Ch. 10, Theorem 1]). Hence, all the results, 
obtained in literature for so-called polynomial congruential generators, could be 
immediately applied to generators, considered in this paper, at least, under extra 
restriction fm{x) G T^x]. 

We should note also, that a number of generators, studied in literature, concern 
a specific case, when rn is a product of two distinct large primes. The results of 
the current paper are of little interest for this particular case, since with the use 
of these results one can construct generators, which are either equivalent modulo 
a prime divisor p of rn to linear congruential generator, or involve some given 
in advance transitive modulo p polynomial of degree > 1. The latter must be 
constructed beforehand and then 'adjusted' to make it transitive modulo some p**, 
with s satisfying assumptions of 3.14, 4.1 or 4.9. The methods of such 'adjustment' 
we hope to publish in one of forthcoming papers, and here we restrict ourselves with 
an example. For instance, using these techniques, and choosing a transitive modulo 
5 polynomial l-|-3x^, it is possible to construct a polynomial 1— 127x— 152x^-|-152x^, 
which is transitive modulo each lO'", with arbitrary A: = 1, 2, ... . 

So in view of these considerations, methods of construction of pseudorandom 
generators, developed in the paper, could give the best effect if applied to the case 
when m is a product of relatively small primes raised to relatively large powers. 
Thus the case m = 2* is a natural focuse point, being the easiest for program im- 
plementations, since the reduction of a positive integer rational modulo 2* is merely 
a truncation of all its 2-base expansion senior bits, starting with the sth one (our 
numbering of digits starts with 0). It is this case, which leads to the most natural 
(judging by program implementation) operations other than the above mentioned 
arithmetical ones, namely, to bitwise logical operations like XOR, OR, AND and 
other bitwise operations with nonnegative rational integer operands, represented 
as 2-base expansions. And, luckely, there is a complete description of measure- 
preserving (or crgodic) functions in this case sec section 2 of the paper. 

The obtained results make it possible to construct pseudorandom number gener- 
ators, which satisfy some requirements to performance, statistics or cryptographical 
security. This theme will be thoroughly studied in forthcoming papers. Here wc 
briefly note only that application of equiprobable functions, which are also stud- 
ied in the paper, as output functions of congruential generators with ergodic state 
change functions, allows us, preserving uniformity of distribution, to eliminate one 
more well known disadvantage of congruential generators, the so-called 'low bit ef- 
fect'. The latter demonstrates each sequence {a;„}, satisfying recurrence relation 
Xn+i = ,f{xn) (mod 2*^) with compatible /: Z2 Z2: a sequence, composed of jth 
digits of each Xn, has a period length at most 2-'+^ only. Methods of remedy will 
be also studied in one of the future papers. 
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